Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WP-Appbox 4.3.17

  • Severity: high-risk
  • Status: Fixed
  • Publication: January 17, 2022

The WP-Appbox plugin for WordPress is vulnerable to a security risk called Local File Inclusion. This vulnerability affects all versions of the plugin up to and including version 4.3.17. It allows an attacker who is already authenticated to include and execute a malicious file from the server. This malicious file can contain any type of code, including code that can bypass access controls, steal sensitive data, or execute commands on the server. This vulnerability is especially dangerous because it can be exploited even if the server only allows images and other seemingly harmless file types to be uploaded.

Detected in:

WP-Appbox fixed vulnerable versions: >= * <= 4.3.17

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.