WordPress Adsense Extreme Plugin 'adsensextreme[lang]' Parameter Remote File Include Vulnerability Network Vulnerability

Summary

The Adsense Extreme plug-in for WordPress is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system other attacks are also possible. Adsense Extreme 1.0.3 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more details.

References

http://wordpress.org/
http://wordpress.org/extend/plugins/adsense-extreme/
http://www.securityfocus.com/bid/49713

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Advantech WebAccess Multiple Vulnerabilities
aflog Cookie-Based Authentication Bypass Vulnerability
AstroSPACES profile.php SQL Injection Vulnerability
Apache Struts ClassLoader Manipulation Vulnerabilities
Assesi 'bg' Parameter SQL Injection vulnerability

Take action and discover your vulnerabilities