Description
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Remediation
References
Related Vulnerabilities
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.22)
PHP Improper Input Validation Vulnerability (CVE-2016-4537)
PHP Other Vulnerability (CVE-1999-0058)
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)
WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)