Description
WordPress Plugin WP-DBManager is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin WP-DBManager version 2.79.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.79.2 or latest
References
Related Vulnerabilities
WordPress Plugin Video Chat Multiple Cross-Site Scripting Vulnerabilities (1.4.1)
WordPress Plugin ImageMagick Engine Cross-Site Request Forgery (1.7.4)
Oracle Database Server CVE-2007-2114 Vulnerability (CVE-2007-2114)
WordPress Plugin Affiliate PRO Cross-Site Scripting (1.3.1)
WordPress Plugin Tracking Code Manager Multiple Vulnerabilities (1.11.1)