WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability

The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE XML eXternal Entity processing attacks. After installing the plugin on a Windows machine, I created a text file in the root of C: named "test.txt", which...

WordPress Advanced XML Reader 0.3.4 XXE Injection Vulnerability

WordPress Advanced XML Reader plugin version 0.3.4 suffers from a XXE XML eXternal Entity injection vulnerability The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE XML eXternal Entity processing attacks...