Description CMS Made Simple 2.2.1 Local File Inclusion Remediation Update to CMS Made Simple 2.2.2 or later. References http://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content Related Vulnerabilities WordPress Plugin Redirection Local File Inclusion (2.7.3) vBSEO 3.6.0 PHP code injection Spring Data REST RCE via PATCH requests WordPress Plugin Share Possible Remote Code Execution (1.0) WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81) Severity Medium Classification CWE-94 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N Tags File Inclusion