2 matches found
CVE-2022-1560
The Amministrazione Aperta WordPress plugin before 3.8 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal err...
CVE-2022-1560
The CVE-2022-1560 entry concerns the Amministrazione Aperta WordPress plugin before version 3.8, which does not validate the open parameter before using it in an include statement, resulting in a Local File Inclusion (LFI) flaw. Affected: Amministrazione Aperta plugin (WordPress). Root cause: lac...