A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siteeditor site editor |