Directory traversal vulnerability in the zM Ajax Login & Register plugin prior to 1.1.0 for WordPress allows remote malicious users to include and execute arbitrary php files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zanematthew zm ajax login \\& register |