GobyVuls/WordPress_Plugin_Extensive_VC_Addons_File_Inclusion_Vulnerability.md at 98f2d80fd1cf5efc5209f0868db16d96f9899ad6

mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 18:52:01 +00:00

add WordPress Plugin Extensive VC Addons File Inclusion Vulnerability

2023-06-21 17:07:21 +08:00

WordPress Plugin Extensive VC Addons File Inclusion Vulnerability

Vulnerability	WordPress Plugin Extensive VC Addons File Inclusion Vulnerability
Chinese name	WordPress Extensive VC Addons 插件 options[template] 文件包含漏洞
CVSS core	9.8
FOFA Query (click to view the results directly)	body="wp-content/plugins/extensive-vc-addon"
Number of assets affected	2583
Description	Extensive VC is a powerful WordPress tool which allows you to add unique, flexible and fully responsive shortcode elements on your site. xtensive VC Addons < 1.9.1 is vulnerable to Local File Inclusion.
Impact	Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website.