WordPress Plugin Vulnerabilities

Fusion Engage 1.0.5 - Local File Disclosure

Description

The fusion-engage WordPress plugin was affected by a Local File Disclosure security vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
fusion-engage
No known fix

References

URL
https://packetstormsecurity.com/files/#131379/
URL
https://seclists.org/fulldisclosure/2015/Apr/27

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
96ba83d7-e6e0-42d5-a984-3f39f66f8fce

Timeline

Publicly Published
2015-04-10 (about 11 years ago)
Added
2015-04-13 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-02-05
Title
Shield Security – Smart Bot Blocking & Intrusion Prevention Security < 18.5.10 - Unauthenticated Local File Inclusion
Published
2026-03-02
Title
Page Builder by SiteOrigin < 2.34.0 - Contributor+ Local File Inclusion
Published
2024-11-15
Title
PDF Generator Addon for Elementor Page Builder < 2.0.1 - Unauthenticated Arbitrary File Download
Published
2017-09-19
Title
WordPress 4.4-4.8.1 - Path Traversal in Customizer
Published
2014-12-07
Title
ChurcHope Theme <= 2.1 - Local File Inclusion (LFI)