4 matches found
CVE-2016-20078 WordPress IMDb Profile Widget 1.0.8 Local File Inclusion via pic.php
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like...
CVE-2016-20078
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion (LFI) vulnerability in pic.php that allows unauthenticated attackers to read arbitrary files via directory traversal in the URL. The impact includes potential exposure of sensitive data such as wp-config.php. CVSS metrics present...
WordPress Plugin Shortcode IMDB 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress plugin IMDB info box 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress IMDB info box plugin has a cross-site scripting vulnerability that stems from failure to clean and...