CVE-2014-2674

2018-03-19T21:29:00
ID CVE-2014-2674
Type cve
Reporter cve@mitre.org
Modified 2018-04-18T18:26:00

Description

Directory traversal vulnerability in the Ajax Pagination (twitter Style) plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the loop parameter in an ajax_navigation action to wp-admin/admin-ajax.php.