Adminer <= 1.4.5 - Security Bypass



Description
The plugin is still affected and has been closed.
Proof of Concept
https://example.com/wp-content/plugins/adminer/inc/editor/index.php

Affects Plugin

no known fix
- plugin closed

References

URL https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-adminer-security-bypass-1-4-5/
URL https://sumofpwn.nl/advisory/2016/wordpress_adminer_plugin_allows_public__local__database_login.html

Classification

Type BYPASS

Miscellaneous

Original Researcher David Vaartjes
Views 927
Verified No
WPVDB ID 10101

Timeline

Publicly Published 2017-03-03 (over 3 years ago)
Added 2020-02-28 (4 months ago)
Last Updated 2020-02-29 (4 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin