ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Zingiri Plugin <= 1.4.3 - Directory Traversal

Product
Zingiri
Description
Because of this vulnerability in forum.php, attackers can read arbitrary files in the "url" parameter to index.php.
Solution
Update the plugin.
Classification
Type Information Disclosure
References
CVE Mitre
CVE
Name CVE-2012-4920
Versions
Affected In <= 1.4.3
Fixed In 1.4.4
Disclosure date
2012-09-14