WordPress Mailing List Plugin 'wpabspath' Parameter Remote File Include Vulnerability Network Vulnerability

Summary

The Mailing List plug-in for WordPress is prone to a remote file- include vulnerability because it fails to sufficiently sanitize user- supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system other attacks are also possible. Mailing List 1.3.2 is vulnerable other versions may also be affected.

References

http://wordpress.org/
http://wordpress.org/extend/plugins/mailz/
http://www.securityfocus.com/bid/49691

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities
aflog Cookie-Based Authentication Bypass Vulnerability
ActivePerl perlIS.dll Buffer Overflow
Apache Axis2 Document Type Declaration Processing Security Vulnerability
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability

Take action and discover your vulnerabilities