ThreatPress

WordPress Vulnerabilities Database

Back

WordPress JS Multi Hotel Plugin <= 2.2.1 - Remote File Inclusion

Product
JS Multi Hotel
Description
This plugins is prone to a remote file inclusion vulnerability via includes/show_image.php file parameter.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
OWASP Top 10 A1: Injection
References
SecLists
Packet Storm Security
CVE
Name CVE-N/A
Versions
Affected In <= 2.2.1
Fixed In 2.2.2
Disclosure date
2015-05-15
Credits
MustLive