The DiveIt theme for WordPress has a security issue called Local File Inclusion in versions 1.4.3 and below. This means that anyone who is not logged in can access and run any files on the server, including ones with PHP code. This can be used to bypass security measures, access private information, or run code even if the file type is considered safe, such as images.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
