CVE-2018-25329 | wp-with-spritz WP with Spritz Plugin 1.0 on WordPress System Configuration wp.spritz.content.filter.php url filename control (Exploit 44544 / EDB-44544)

A vulnerability was found in wp-with-spritz WP with Spritz Plugin 1.0 on WordPress. It has been declared as problematic. This issue affects some unknown processing of the file wp.spritz.content.filter.php of the component System Configuration Handler. Such manipulation of the argument url leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is uniquely identified as CVE-2018-25329. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More