ThreatPress

WordPress Vulnerabilities Database

Back

WordPress RobotCPA Plugin - Local File Inclusion

Product
RobotCPA
Description
BookX plugin's get parameter "l" is prone to a local file include vulnerability because of failure of validation user-supplied input. It allows an attacker to get potentially sensitive information. The affected file is "f.php".
Solution
Update the plugin.
Classification
Type Local File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 5.0
Fixed In 5.1
Disclosure date
2015-06-10
Credits
T3N38R15