2 matches found
WordPress Theme Tuner Plugin 'tt-abspath' Parameter Remote File Inclusion Vulnerability
WordPress is prone to a remote file inclusion vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"...
CVE-2012-0934
The CVE-2012-0934 entry describes a Remote File Inclusion in the WordPress Theme Tuner plugin (version before 0.8). The vulnerability occurs in ajax/savetag.php via the tt-abspath parameter, allowing an attacker-controlled URL to be included and arbitrary PHP code to execute on the server. Affect...