PHP remote file inclusion vulnerability in ajax/savetag.php in the Theme Tuner plugin for WordPress before 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the tt-abspath parameter.
CPE | Name | Operator | Version |
---|---|---|---|
theme_tuner_plugin | le | 0.7 | |
theme_tuner_plugin | eq | 0.1 | |
theme_tuner_plugin | eq | 0.2 | |
theme_tuner_plugin | eq | 0.3 | |
theme_tuner_plugin | eq | 0.4 | |
theme_tuner_plugin | eq | 0.6 |