Description
The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled.
Remediation
References
Related Vulnerabilities
WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure (1.8.1)
WordPress Plugin Advanced Post Type Ratings Cross-Site Scripting (1.01)
WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)
WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
WordPress Plugin Under Construction Unspecified Vulnerability (3.25)