ThreatPress

WordPress Vulnerabilities Database

Back

WordPress SpamFree Plugin <= 1.9.2 - Full Path Disclosure

Product
WP SpamFree
Description
This plugin is prone to a multiple script direct request path disclosure.
Solution
Upgrade the plugin.
Classification
Type Full path disclosure (FPD)
OWASP Top 10 A6: Sensitive Data Exposure
References
XForce
CVE
Name CVE-N/A
Versions
Affected In <= 1.9.2
Fixed In 1.9.3
Disclosure date
2015-05-15