wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote malicious users to obtain sensitive information via a direct request, which reveals the full path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wp_php_widget_project wp_php_widget 1.0.2 |