ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Tom M8te Plugin <= 1.5.3 - Local File Inclusion

Product
Tom M8te
Description
Because of this vulnerability, the attackers can read arbitrary files via the "file" parameter to tom-download-file.php.
Solution
Upgrade the plugin.
Classification
Type Local File Inclusion
References
CVE Mitre
CVE
Name CVE-2014-5187
Versions
Affected In <= 1.5.3
Fixed In 1.5.4
Disclosure date
2014-08-06
Credits
Anant Shrivastava