WordPress Plugin Vulnerabilities

Social Discussions 6.1.1 - Remote File Inclusion

Description

The Social Discussions WordPress plugin was affected by a Remote File Inclusion security vulnerability.

Affects Plugins

Plugin icon
social-discussions
Fixed in 6.1.2

References

Exploitdb
22158
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/79464
URL
http://www.waraxe.us/advisory-93.html
URL
https://plugins.trac.wordpress.org/changeset/634730/social-discussions

Classification

Type
RFI
OWASP top 10
A1: Injection
CWE
CWE-98

Miscellaneous

Verified
No
WPVDB ID
48651272-697e-4629-a89f-de280ca4fd71

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2026-01-13
Title
Laurent <= 3.1 - Authenticated (Contributor+) Local File Inclusion
Published
2025-06-09
Title
GrandPrix < 1.6.1 - Unauthenticated Local File Inclusion
Published
2026-03-02
Title
Translogic <= 1.2.11 - Unauthenticated Local File Inclusion
Published
2026-03-02
Title
Meals & Wheels <= 1.1.12 - Unauthenticated Local File Inclusion
Published
2025-02-23
Title
Estatik Mortgage Calculator <= 2.0.12 - Authenticated (Contributor+) Local File Inclusion