ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Site Editor plugin <=1.1.1 - Local File Inclusion (LFI) vulnerability

Product
Site Editor
Description
Local File Inclusion (LFI) vulnerability found by Nicolas Buzy-Debat in WordPress Site Editor plugin (versions <=1.1.1).
Solution
19.03.18 - we were unable to find a patched version of the plugin.
Classification
Type Local File Inclusion
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.1.1
Disclosure date
2018-03-19
Credits
Nicolas Buzy-Debat
Submitter
ThreatPress