This vulnerability allows a remote administrator to include and execute arbitrary local files in the “tab” parameter in the gdbbpress_attachments page to wp-admin/edit.php.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
gd bbpress attachments | le | 2.2 |