ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Mobile Edition Plugin 2.7 - Remote File Disclosure

Product
WP Mobile Edition
Description
WP Mobile Edition plugin's "get" parameter is prone to a remote file disclosure vulnerability via "themes/mTheme-Unus/css/css.php".
Solution
Upgrade the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.7
Fixed In 2.8
Disclosure date
2015-04-13
Credits
Khwanchai Kaewyos