WordPress Plugin Vulnerabilities

Kish Guest Posting 1.2 - Arbitrary File Upload

Description

The kish-guest-posting WordPress plugin was affected by an Arbitrary File Upload security vulnerability.

Affects Plugins

Plugin icon
kish-guest-posting
No known fix

References

CVE
CVE-2012-1125
CVE
CVE-2012-5318
Exploitdb
18412

Classification

Type
RFI
OWASP top 10
A1: Injection
CWE
CWE-98

Miscellaneous

Verified
No
WPVDB ID
c597227b-c4fd-4aa9-9b61-893619314b42

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-06-25
Title
Blogmine < 1.1.8 - Unauthenticated Local File Inclusion
Published
2025-08-19
Title
DetailX <= 1.10.0 - Unauthenticated Local File Inclusion
Published
2025-07-01
Title
WP Travel Gutenberg Blocks < 3.9.1 - Unauthenticated Local File Inclusion
Published
2025-07-07
Title
Widget for Google Reviews < 1.0.16 - Authenticated (Subscriber+) Directory Traversal to Local File Inclusion
Published
2026-01-08
Title
Anarkali <= 1.0.9 - Unauthenticated Local File Inclusion