ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Post Recommendations Plugin 1.1.2 - Remote File Include

Product
Post Recommendations
Description
WordPress Post Recommendations plugin's "abspath" parameter is prone to a remote file include vulnerability. It allows an attacker o compromise the application and the underlying system. Other attacks are also possible.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.1.2
Fixed In 1.1.3
Disclosure date
2012-07-16
Credits
Sammy FORGIT