WordPress Social Media Widget Plugin <= 4.0 - Remote File Inclusion
- Product
- Social Media Widget
- Description
- This plugin contains a Trojan Horse, which allows the attackers to force the upload of arbitrary files.
- Solution
- Update the plugin.
- Classification
-
Type Remote File Inclusion
- References
-
CVE Mitre
- CVE
- Name CVE-2013-1949
- Versions
-
Affected In
<= 4.0
Fixed In 4.1 - Disclosure date
- 2013-02-19
- Credits
- Kurt Seifried