WordPress Plugin Vulnerabilities
Amministrazione Aperta < 3.8 - Admin+ LFI
Description
The plugin does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link
Proof of Concept
https://example.com/wp-admin/admin.php?page=impostazioni-wpgov&open=../../index.php
Affects Plugins
References
CVE
Exploitdb
Classification
Type
LFI
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Hassan Khan Yusufzai - Splint3r7
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-03-23 (about 2 years ago)
Added
2022-03-23 (about 2 years ago)
Last Updated
2022-05-17 (about 1 years ago)