Enhancement: cves/2018/CVE-2018-7422.yaml by mp
parent
90d3d8c1b8
commit
f3876b41e4
|
@ -1,15 +1,15 @@
|
|||
id: CVE-2018-7422
|
||||
|
||||
info:
|
||||
name: WordPress Site Editor Plugin LFI
|
||||
name: WordPress Site Editor <=1.1.1 - Local File Inclusion
|
||||
author: LuskaBol,0x240x23elu
|
||||
severity: high
|
||||
description: A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
|
||||
description: WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/44340
|
||||
- http://seclists.org/fulldisclosure/2018/Mar/40
|
||||
- https://wpvulndb.com/vulnerabilities/9044
|
||||
- https://www.exploit-db.com/exploits/44340/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2018-7422
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
|
@ -36,3 +36,5 @@ requests:
|
|||
regex:
|
||||
- "root:.*:0:0:"
|
||||
part: body
|
||||
|
||||
# Enhanced by mp on 2022/06/17
|
||||
|
|
Loading…
Reference in New Issue