A popular WordPress plugin called “Post Grid, Slider & Carousel Ultimate” has a security issue called Local File Inclusion. This means that anyone with Contributor access or higher can include and run any type of file on the server, including PHP files. This can be used to get around security measures, access private information, or even run harmful code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
