2 matches found
CVE-2015-5482
Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. dot dot in the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...
CVE-2015-5482
The CVE refers to the WordPress plugin GD bbPress Attachments, affected versions prior to 2.3. The vulnerability is a directory traversal in the gdbbpress_attachments page (tab parameter) that allows remote administrators to include and execute local files via wp-admin/edit.php. Impact is arbitra...