Summary
This host is installed with WordPress
Paid Memberships Pro plugin and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow remote
attackers to download arbitrary files.
Impact Level: Application
Solution
Upgrade to version 1.7.15 or later,
For updates refer https://wordpress.org/plugins/paid-memberships-pro
Insight
Flaw exists as the 'REQUEST_URI' is not
escaped and getfile.php is accessible to everyone.
Affected
WordPress Paid Memberships Pro version
1.7.14, prior versions may also be affected.
Detection
Send a crafted data via HTTP GET request
and check whether it is able to read arbitrary files or not.
References
Severity
Classification
-
CVE CVE-2014-8801 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache Tomcat Login Constraints Security Bypass Vulnerability