Lucene search

K
wpvulndbWpvulndbWPVDB-ID:B34976B3-54C3-45B7-86A0-387EE0A4B680
HistoryApr 18, 2023 - 12:00 a.m.

YARPP - Yet Another Related Posts Plugin < 5.30.5 - Subscriber+ LFI

2023-04-1800:00:00
wpscan.com
17
yarpp plugin
lfi
authentication bypass
security issue

0.0004 Low

EPSS

Percentile

10.5%

The plugin does not validate a parameter before using it in an include statement, allowing any authenticated users, such as subscriber to perform LFI attacks

0.0004 Low

EPSS

Percentile

10.5%

Related for WPVDB-ID:B34976B3-54C3-45B7-86A0-387EE0A4B680