The Karzo theme for WordPress has a security issue called Local File Inclusion. This means that anyone can access and run certain .php files on the server, even if they are not logged in. This can be used to get around security measures, gather private information, or run code if .php files can be uploaded and included.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
