ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Plainview Activity Monitor plugin <= 20161228 - Remote Command Execution (RCE) vulnerability

Product
Plainview Activity Monitor
Description
Remote Command Execution (RCE) vulnerability found by "aas" in WordPress Plainview Activity Monitor plugin (versions <= 20161228).
Solution
Update the WordPress Plainview Activity Monitor plugin to the latest available version (at least 20180826).
Classification
Type Unknown
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-2018-15877
Versions
Affected In <= 20161228
Fixed In 20180826
Disclosure date
2018-08-28
Credits
aas
Submitter
ThreatPress