Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2018-7422

Published: 19/03/2018 Updated: 24/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 506
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Site Editor

Vulnerability Summary

A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siteeditor site editor

Exploits

Exploit DB: Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion
Product: Site Editor Wordpress Plugin - wordpressorg/plugins/site-editor/ Vendor: Site Editor Tested version: 111 CVE ID: CVE-2018-7422 ** CVE description ** A Local File Inclusion vulnerability in the Site Editor plugin through 111 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor ...
Exploit DB: WordPress Site Editor 1.1.1 Local File Inclusion
WordPress Site Editor plugin version 111 suffers from a local file inclusion vulnerability ...

Github Repositories

https://github.com/JacobEbben/CVE-2018-7422

Local File Inclusion in WordPress Plugin Site Editor 1.1.1

CVE-2018-7422 Exploit for CVE-2018-7422: Local File Inclusion in WordPress Plugin Site Editor 111 DISCLAIMER: This script is made to audit the security of systems Only use this script on your own systems or on systems you have written permission to exploit

https://github.com/HeiTang/ZYXEl-CTF-WriteUp

2020 合勤【榮耀資戰 – 重裝上陣】 WriteUp

2020 合勤【榮耀資戰 – 重裝上陣】 WriteUp 日誌分析 [2pts] 日誌分析-01 題目 說明: Log 為誘捕系統連線資訊,請分析在此份 log 中,駭客最感興趣的前三名服務。flag為前三名服務 port 號,依序合併後的SHA1加密值(小寫)。 範例: 前三名服務 [80,5060,21] -> sha1('80506021') -&

https://github.com/AhmedPinger/Security-Operation-Assessment-Using-Snort-Pfsense-Firewall

Security Operation Assessment Using Snort & Pfsense Firewall By Ahmed Pinger Table Of Contents Introduction Project Implementation Plan Analysis & Design Development Testing Documentation Scope Of Work Project Flow Setting Up Topology Diagram Setup VMware Setting Up Virtual Switches Development Setup and Configure Web Server Setup an Attacker Machine Set

https://github.com/jessisec/CVE-2018-7422

Site Editor WordPress Plugin <= 1.1.1 Local File Inclusion Script

CVE-2018-7422 Site Editor WordPress Plugin &lt;= 111 Local File Inclusion Script Usage python3 CVE-2018-7422py -u &lt;url&gt; -f &lt;file&gt; or Interactive mode: python3 CVE-2018-7422py -u &lt;url&gt; -i Screenshot (Interactive mode)

References

CWE-22CWE-829http://seclists.org/fulldisclosure/2018/Mar/40https://wpvulndb.com/vulnerabilities/9044https://www.exploit-db.com/exploits/44340/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44340/https://github.com/JacobEbben/CVE-2018-7422
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook