admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create WordPress_Plugin_Extensive_VC_Addons_File_Inclusion_Vulnerability.md

Browse Source 
add WordPress Plugin Extensive VC Addons File Inclusion Vulnerability
This commit is contained in:
Goby 2023-06-21 17:07:21 +08:00 committed by GitHub
parent fbb45c1a31
commit cdd36012f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
WordPress_Plugin_Extensive_VC_Addons_File_Inclusion_Vulnerability.md Normal file
View File

@ -0,0 +1,12 @@
## WordPress Plugin Extensive VC Addons File Inclusion Vulnerability
| **Vulnerability** | **WordPress Plugin Extensive VC Addons File Inclusion Vulnerability** |
| :----: | :-----|
| **Chinese name** | WordPress Extensive VC Addons 插件 options[template] 文件包含漏洞 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [body="wp-content/plugins/extensive-vc-addon"](https://en.fofa.info/result?qbase64=Ym9keT0id3AtY29udGVudC9wbHVnaW5zL2V4dGVuc2l2ZS12Yy1hZGRvbiI%3D) |
| **Number of assets affected** | 2583 |
| **Description** | Extensive VC is a powerful WordPress tool which allows you to add unique, flexible and fully responsive shortcode elements on your site. xtensive VC Addons < 1.9.1 is vulnerable to Local File Inclusion. |
| **Impact** | Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website. |
![](https://s3.bmp.ovh/imgs/2023/06/21/10e1c4496ca1db1b.gif)