WordPress Last.FM Rotation Plugin <= 3.3 - Local File Inclusion
- Product
- Last.FM Rotation
- Description
- Because of this vulnerability in lastfm-proxy.php, the attackers can read arbitrary files in the "snode" parameter.
- Solution
- Update the plugin.
- Classification
-
Type Local File Inclusion
- References
-
CVE Mitre
- CVE
- Name CVE-2014-5181
- Versions
-
Affected In
<= 1.0
Fixed In 1.1 - Disclosure date
- 2014-08-06
- Credits
- Anant Shrivastava