Back
WordPress Site Editor plugin <=1.1.1 - Local File Inclusion (LFI) vulnerability
- Product
- Site Editor
- Description
- Local File Inclusion (LFI) vulnerability found by Nicolas Buzy-Debat in WordPress Site Editor plugin (versions <=1.1.1).
- Solution
- 19.03.18 - we were unable to find a patched version of the plugin.
- Classification
-
Type Local File Inclusion
OWASP Top 10 A1: Injection
- References
-
Plugin changelog
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<=1.1.1
- Disclosure date
- 2018-03-19
- Credits
- Nicolas Buzy-Debat
- Submitter
- ThreatPress