WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
Severity: CRITICAL
Advisory Date: MAY 31, 2016
DESCRIPTION
There is an absolute path traversal vulnerability in WordPress which allows remote attackers to read arbitrary files via a full path name in the URL parameter.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1007178