ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure

Product
Thinkun Remind
Description
WordPress Tinymce Thumbnail plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel.
Solution
Update the plugin.
Classification
Type BYPASS
OWASP Top 10 A7: Missing Function Level Access Control
References
CVE
Name CVE-N/A
Versions
Affected In <= 1.1.3
Fixed In 1.1.4
Disclosure date
2012-06-08
Credits
Sammy FORGIT