ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Nelio AB Testing Plugin <= 4.4.4 - Path Traversal

Product
Nelio AB Testing
Description
This vulnerability allows attackers to read the contents of files and expose sensitive data. If the targeted file is used for a security mechanism, then the attacker is able to bypass that mechanism.
Solution
Update the plugin.
Classification
Type Local File Inclusion
OWASP Top 10 A1: Injection
References
Openwall
CVE
Name CVE-N/A
Versions
Affected In <= 4.4.4
Fixed In 4.5.0
Disclosure date
2016-05-11
Credits
Henri Salo
Submitter
ThreatPress