CVE-2023-2745: 
NixOS vulnerability analysis and mitigation

WordPress Core was found vulnerable to Directory Traversal in versions up to and including 6.2, discovered in May 2023. The vulnerability (CVE-2023-2745) exists via the 'wp_lang' parameter, allowing unauthenticated attackers to access and load arbitrary translation files (NVD, WordPress Release).

The vulnerability is classified as a Directory Traversal attack (CWE-22) with a CVSS v3.1 base score of 6.1 (Medium). The issue stems from improper validation of the wplang parameter, which could be exploited without authentication. The vulnerability was addressed by introducing a new sanitizelocale_name() function for sanitizing user input of locales, as evidenced in the WordPress core changes (WordPress Patch).

If successfully exploited, attackers can access and load arbitrary translation files on the affected WordPress installations. In scenarios where an attacker can upload a crafted translation file to the site, such as through an upload form, this vulnerability could be leveraged to perform Cross-Site Scripting (XSS) attacks (NVD, Debian Advisory).

The vulnerability was patched in WordPress version 6.2.1. All WordPress installations from version 4.1 through 6.2 should be updated to their respective fixed versions. The fix includes the implementation of proper input sanitization for locale names (WordPress Release).

The vulnerability was independently reported by multiple security researchers, including Ramuel Gall and Matt Rusnak at Wordfence, as well as during a third-party security audit, highlighting the security community's active involvement in WordPress security (WordPress Release).