ThreatPress

WordPress Vulnerabilities Database

Back

WordPress wordTube Plugin <= 1.43 - Remote File Inclusion

Product
wordTube
Description
Because of this vulnerability, the attackers can execute arbitrary PHP code via a URL in the "wpPATH" parameter.
Solution
Update the WordPress wordTube plugin to the latest available version (at least 1.44).
Classification
Type Remote File Inclusion
References
CVE Mitre
CVE
Name CVE-2007-2481
Versions
Affected In <= 1.43
Fixed In 1.44
Disclosure date
2007-05-03
Credits
M.Hasran Addahroni
Submitter
ThreatPress