ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Wechat Broadcast plugin <= 1.2.0 - Local/Remote File Inclusion vulnerability

Product
Wechat Broadcast
Description
Local/Remote File Inclusion vulnerability found by Manuel Garcia Cardenas in WordPress Wechat Broadcast plugin (versions <= 1.2.0).
Solution
2018 October 3rd - no patched version available to download. We recommend to deactivate and uninstall.
Classification
Type Local File Inclusion
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-2018-16283
Versions
Affected In <= 1.2.0
Disclosure date
2018-10-03
Credits
Manuel Garcia Cardenas
Submitter
ThreatPress