WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.ph
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply
Surreal ToDo 0.6.1.2 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the content parameter. Attackers can supply directory t
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode
Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspath
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attacker
WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parame
WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the
WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attack
The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.6.3 via the __kds_flag functionality that imports featured images. This makes it possible fo
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for
The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the `wc
WordPress Plugin ultimate-member 2.1.3 contains a local file inclusion vulnerability that allows authenticated attackers to include arbitrary files by manipulating the pack parameter in class-admin-up
Joomla! Component Easy Shop 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers can send
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's RE
WordPress Plugin cab-fare-calculator 1.0.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the controller parameter in tblig
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.5 via the locate_template() function. This makes it possible for au
The News and Blog Designer Bundle plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1 via the template parameter. This makes it possible for unauthenti
Page 1+ Next →