WordPress Plugin Vulnerabilities
Cab fare calculator < 1.0.4 - Unauthenticated LFI
Description
The plugin does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
Despite what the original advisory claims, the issue is not exploitable by accessing the file directly as a fatal error is triggered before the vulnerable code is reached, however can be exploited by unauthenticated attackers via other requests
Proof of Concept
https://example.com/?controller=../../../index&action=1&ajax=1 https://example.com/?controller=../../../index&action=1&pg=tblight
Affects Plugins
References
Classification
Type
LFI
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Hassan Khan Yusufzai - Splint3r7
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-03-30 (about 2 years ago)
Added
2022-03-30 (about 2 years ago)
Last Updated
2022-07-27 (about 1 years ago)