Adaptive Images for WordPress <= 0.6.66 - Local File Inclusion & Deletion

Affects Plugin

fixed in version 0.6.67

References

CVE 2019-14205
CVE 2019-14206
URL https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
URL https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html
URL https://plugins.trac.wordpress.org/changeset/2121762/adaptive-images

Classification

Type MULTI

Miscellaneous

Original Researcher Mark Gruffer
Submitter Ryan Dewhurst
Submitter Website https://wpscan.io
Submitter Twitter ethicalhack3r
Views 2385
Verified No
WPVDB ID 9468

Timeline

Publicly Published 2019-07-19 (about 1 month ago)
Added 2019-07-22 (about 1 month ago)
Last Updated 2019-07-25 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin