WordPress Persuasion Theme 'dl-skin.php' Arbitrary File Access Vulnerability

Persuasion theme for WordPress is prone to an arbitrary file-access vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to download or delete arbitrary files, which may aid in further attacks.

Persuasion 2.0 and 2.3 are vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus