WordPress Wechat Broadcast plugin <= 1.2.0 - Local/Remote File Inclusion vulnerability

Local/Remote File Inclusion vulnerability found by Manuel Garcia Cardenas in WordPress Wechat Broadcast plugin versions = 1.2.0. Solution 2018 October 3rd - no patched version available to download. We recommend to deactivate and uninstall...

WordPress Wechat Broadcast Plugin Directory Traversal Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.Wechat Broadcast is used in one of the microblogging plug-ins. A directory traversal vulnerability exists in the...

Directory traversal

The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter...

CVE-2018-16283

The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter...

CVE-2018-16283

The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter...

CVE-2018-16283

CVE-2018-16283 affects the WordPress plugin Wechat Broadcast (versions ≤ 1.2.0). The NVD/Nuclei/Exploits describe a Local/Directory Traversal vulnerability in the plugin’s Image.php that reads the GET parameter url without proper sanitization, enabling an attacker to include local or remote files...

WordPress Wechat Broadcast 1.2.0 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Author: Manuel Garcia Cardenas Software link: https://es.wordpress.org/plugins/wechat-broadcast/ CVE: N/A Description This bug was found in the file:...

WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion

Exploit Title: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Author: Manuel Garcia Cardenas Date: 2018-09-19 Software link: https://es.wordpress.org/plugins/wechat-broadcast/ CVE: CVE-2018-16283 Description This bug was found in the file: /wechat-broadcast/wechat/Image.php echo...

Wechat Broadcast <= 1.2.0 - Local/Remote File Inclusion

This bug was found in the file: /wechat-broadcast/wechat/Image.php echo filegetcontentsisset$GET"url" ? $GET"url" : ''; The parameter "url" it is not sanitized allowing include local or remote files To exploit the vulnerability only is needed use the version 1.0 of the HTTP protocol to interact...

Wechat Broadcast <= 1.2.0 - Local/Remote File Inclusion

This bug was found in the file: /wechat-broadcast/wechat/Image.php echo filegetcontentsisset$GET"url" ? $GET"url" : ''; The parameter "url" it is not sanitized allowing include local or remote files To exploit the vulnerability only is needed use the version 1.0 of the HTTP protocol to interact...

WordPress Wechat Broadcast 1.2.0 Local File Inclusion

Exploit Title: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Author: Manuel Garcia Cardenas Date: 2018-09-19 Software link: https://es.wordpress.org/plugins/wechat-broadcast/ CVE: N/A Description This bug was found in the file: /wechat-broadcast/wechat/Image.php echo...

WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion

WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Exploit Title: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Author: Manuel Garcia Cardenas Date: 2018-09-19 Software link: https://es.wordpress.org/plugins/wechat-broadcast/ CVE: CVE-2018-16283 Description This bug w...