AI Score
Confidence
High
EPSS
Percentile
48.5%
Description The plugin does not validate the path and name of a file before including it, allowing unauthenticated visitors to include and execute arbitrary php files on the server, leading to remote code execution.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/dropbox-folder-share/dropbox-folder-share-197-unauthenticated-local-file-inclusion