JS MultiHotel 2.2.1 - includes/timthumb.php src Parameter Direct Request Path Disclosure

Affects Plugin

no known fix

References

PACKETSTORM 125959
SECURITYFOCUS 66529
URL https://seclists.org/fulldisclosure/2014/Mar/413

Classification

Type FPD
OWASP Top 10 A6: Security Misconfiguration
CWE CWE-200

Miscellaneous

Views 4098
Verified No
WPVDB ID 7030

Timeline

Publicly Published 2014-08-01 (over 5 years ago)
Added 2014-08-01 (over 5 years ago)
Last Updated 2019-10-21 (4 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin