Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities - Vulnerability Database
WP Plugin Wp Online Store

WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities

Medium
Reference: No Reference
Title: WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities
Overview:

WordPress Plugin WP Online Store is prone to a local file include and multiple file disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary local files within the context of the web server process or to obtain potentially sensitive information from local files which may aid in launching further attacks. WordPress Plugin WP Online Store version 1.3.1 downloaded before 2013.01.17 is vulnerable prior versions may also be affected.