Summary
The Light Post WordPress Plugin is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user- supplied input.
Exploiting this issue may allow an attacker to compromise the application and the underlying system
other attacks are also
possible.
Light Post Plugin 1.4 is vulnerable
other versions may also be
affected.
Solution
Vendor updates are available. Please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AdaptBB Multiple Input Validation Vulnerabilities
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Advantech WebAccess Multiple Vulnerabilities
- Apache Archiva Multiple Remote Command Execution Vulnerabilities