WordPress Plugin Vulnerabilities

WP Image Zoom < 1.47 - Local File Inclusion

Description

The plugin did not validate its tab parameter before using it in the include_once() function, leading to a local file inclusion issue in the admin dashboard

Proof of Concept

PoC: https://example.com/wp-admin/admin.php?page=zoooom_settings&tab=whatever

This URL shows include_once error, which indicates that the parameter is not sanitized.

Affects Plugins

Plugin icon
wp-image-zoooom
Fixed in 1.47

References

CVE
CVE-2021-24447

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
fb9dbcdf-4ffd-484d-9b67-283683d050fd

Timeline

Publicly Published
2021-06-23 (about 2 years ago)
Added
2021-06-23 (about 2 years ago)
Last Updated
2022-01-02 (about 2 years ago)

Other

Published
Title
Published
2015-06-06
Title
SE HTML5 Album Audio Player <= 1.1.0 - Local File Include
Published
2015-07-07
Title
S3Bubble Cloud Video With Adverts & Analytics <= 0.7 - Arbitrary File Download
Published
2012-06-18
Title
Wp-ImageZoom <= 1.0.4 - File Disclosure
Published
2024-03-28
Title
SellKit < 1.8.3 - Authenticated (Subscriber+) Arbitrary File Download
Published
2015-04-13
Title
WP Mobile Edition < 2.3 - Remote File Disclosure