WordPress Adsense Extreme Plugin 'adsensextreme[lang]' Parameter Remote File Include Vulnerability Network Vulnerability

Summary

The Adsense Extreme plug-in for WordPress is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system other attacks are also possible. Adsense Extreme 1.0.3 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more details.

References

http://wordpress.org/
http://wordpress.org/extend/plugins/adsense-extreme/
http://www.securityfocus.com/bid/49713

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ATutor < 1.5.1-pl1 Multiple Flaws
Agora CGI Cross Site Scripting
Alchemy Eye HTTP Command Execution
Apache Tomcat AJP Protocol Security Bypass Vulnerability
'research_display.php' SQL Injection Vulnerability

Take action and discover your vulnerabilities