3 matches found
CVE-2014-2674
Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...
CVE-2014-2674
Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...
CVE-2014-2674
CVE-2014-2674 affects the WordPress Ajax Pagination (twitter Style) plugin, version 1.1. A path traversal/local file inclusion vulnerability exists in the plugin’s ajax_navigation action, allowing remote attackers to read arbitrary files by injecting ".." into the loop parameter sent to wp-admin/...