The Register Plus plugin 3.5.1 and previous versions for WordPress allows remote malicious users to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
devbits register-plus 3.4 |
||
devbits register-plus 3.3 |
||
devbits register-plus 2.7 |
||
devbits register-plus 2.6 |
||
devbits register-plus 1.2 |
||
devbits register-plus 1.1 |
||
devbits register-plus 3.5 |
||
devbits register-plus 3.4.1 |
||
devbits register-plus 3.0 |
||
devbits register-plus 2.9 |
||
devbits register-plus 2.8 |
||
devbits register-plus 2.1 |
||
devbits register-plus 2.0 |
||
devbits register-plus 3.2 |
||
devbits register-plus 3.1 |
||
devbits register-plus 2.5 |
||
devbits register-plus 2.4 |
||
devbits register-plus |
||
devbits register-plus 3.0.2 |
||
devbits register-plus 3.0.1 |
||
devbits register-plus 2.3 |
||
devbits register-plus 2.2 |