WordPress Plugin Vulnerabilities

SAM Pro (Free Edition) < 1.9.7.69 - Local File Inclusion (LFI)

Description

The SAM Pro (Free Edition) WordPress plugin was affected by a Local File Inclusion (LFI) security vulnerability.

Affects Plugins

Plugin icon
sam-pro-free
Fixed in 1.9.7.69

References

URL
https://plugins.trac.wordpress.org/changeset/1526624/sam-pro-free
URL
https://www.pluginvulnerabilities.com/2016/10/28/local-file-inclusion-lfi-vulnerability-in-sam-pro-free-edition/

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
Claude Godlewski
Verified
No
WPVDB ID
0cf6e484-0edc-4f29-93ca-3d46e9e5b5c7

Timeline

Publicly Published
2016-10-28 (about 9 years ago)
Added
2016-11-02 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2026-02-03
Title
Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter
Published
2025-07-02
Title
JKDEVKIT <= 1.9.4 - Authenticated (Subscriber+) Arbitrary File Deletion
Published
2023-11-06
Title
WPB Show Core <= 2.2 - Unauthenticated Local File Inclusion
Published
2024-04-22
Title
Sendinblue for WooCommerce < 4.0.18 - Authenticated (Editor+) Arbitrary File Download and Deletion
Published
2025-05-20
Title
Madara – Responsive and modern WordPress theme for manga sites < 2.2.2.1 - Unauthenticated Local File Inclusion