Themes Vulnerabilities

lote27 Theme - Arbitrary File Download

Description

The lote27 WordPress theme was affected by an Arbitrary File Download security vulnerability.

Affects Themes

lote27
No known fix

References

URL
https://web.archive.org/web/20150609023120/https://www.intelligentexploit.com/view-details.html?id=19752

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
9afb53eb-7c4f-49a7-97f6-79b092b17d70

Timeline

Publicly Published
2014-09-28 (about 11 years ago)
Added
2014-09-28 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-05-05
Title
Envolve Plugin < 1.1.0 - Unauthenticated Language File Deletion
Published
2021-10-05
Title
Two Way Chat < 3.1.5 - Admin+ Local File Inclusion
Published
2024-06-06
Title
Database Cleaner < 1.0.6 - Authenticated (Admin+) Arbitrary File Read
Published
2023-01-24
Title
LearnPress Plugin < 4.2.0 - Unauthenticated LFI
Published
2019-03-27
Title
Loco Translate < 2.2.2 - Authenticated LFI