WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
BID:68942
Info
WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
| Bugtraq ID: | 68942 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 28 2014 12:00AM |
| Updated: | Jul 28 2014 12:00AM |
| Credit: | Claudio Viviani |
| Vulnerable: |
ENVATO Slider Revolution Responsive 4.1.4 |
| Not Vulnerable: | |
Discussion
WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
The Slider Revolution Responsive plugin for WordPress is prone to an arbitrary-file-download vulnerability.
An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information.
The Slider Revolution Responsive plugin for WordPress is prone to an arbitrary-file-download vulnerability.
An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information.
Solution / Fix
WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
References:
References:
- Slider Revolution Responsive Homepage (Envato)
- WordPress HomePage (WordPress)