ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Mediatricks Viva Thumbs Plugin - Multiple Information Disclosure Vulnerabilities

Product
Mediatricks Viva Thumbs
Description
This Mediatricks Viva Thumbs plugin is prone to multiple information-disclosure vulnerabilities. It fails to properly clean up user-supplied input. The attackers may use these issues to confirm the existence of local files outside the WordPress Webroot. The information that they get can be useful for launching further attacks.
Solution
Update the plugin.
Classification
Type Unknown
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In 1.0
Fixed In 1.1
Disclosure date
2010-12-21
Credits
Richard Brain