Full Disclosure

Local File Include vulnerability in GD bbPress Attachments allows attackers to include arbitrary PHP files (WordPress plugin)

July 10, 2015 007admin Leave a comment

Posted by dxw Security on Jul 10

Details
================
Software: GD bbPress Attachments
Version: 2.1
Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/
Advisory report:
https://security.dxw.com/advisories/local-file-include-vulnerability-in-gd-bbpress-attachments-allows-attackers-to-include-arbitrary-php-files/
CVE: Awaiting assignment
CVSS: 4.3 (Medium; AV:N/AC:M/Au:N/C:N/I:N/A:P)

Description
================
Local File Include vulnerability in GD bbPress…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information