Advanced Access Manager 2.8.2 - Admin User File Read/Write

Affects Plugin

fixed in version 2.8.3

References

CVE 2014-6059
URL https://security.dxw.com/advisories/advanced-access-manager-allows-admin-users-to-write-arbitrary-text-to-arbitrary-locations-which-could-lead-to-arbitrary-code-execution-etc/
URL https://seclists.org/fulldisclosure/2014/Sep/21

Classification

Type RCE
OWASP Top 10 A1: Injection
CWE CWE-94

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 4771
Verified No
WPVDB ID 7611

Timeline

Publicly Published 2014-09-27 (almost 6 years ago)
Added 2014-09-27 (almost 6 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin