WordPress Plugin Vulnerabilities

WP Business intelligence lite < 1.1 - Remote Code Execution Exploit

Description

The WP Business Intelligence Lite WordPress plugin was affected by a Remote Code Execution Exploit security vulnerability.

Affects Plugins

Plugin icon
wp-business-intelligence-lite
Fixed in 1.1

References

URL
https://packetstormsecurity.com/files/#125927/
URL
https://cxsecurity.com/issue/WLB-2014030243
URL
https://github.com/espreto/wpsploit/blob/master/modules/exploits/unix/webapp/wp_business_intelligence_file_upload.rb

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94

Miscellaneous

Verified
No
WPVDB ID
bfe5ab85-092a-49ba-8632-671a594b5d62

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-23 (about 6 years ago)

Other

Published
Title
Published
2021-06-07
Title
Recently < 3.0.5 - Authenticated Code Injection
Published
2021-05-09
Title
All in One SEO Pack < 4.1.0.2 - Admin RCE via unserialize
Published
2025-12-29
Title
Advanced Ads < 2.0.15 - Editor+ Remote Code Execution via Shortcode
Published
2019-07-15
Title
Ad Inserter <= 2.4.21 - Authenticated Remote Code Execution
Published
2024-09-24
Title
Special Text Boxes < 6.2.5 - Unauthenticated Arbitrary Shortcode Execution