The AdminOnline plugin for WordPress has a security vulnerability that makes it easy for unauthenticated attackers to access and download otherwise restricted files. This is done by using the ‘file’ parameter in the ‘download.php’ file.
The AdminOnline plugin for WordPress has a security vulnerability that makes it easy for unauthenticated attackers to access and download otherwise restricted files. This is done by using the ‘file’ parameter in the ‘download.php’ file.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.