QwikSec

Security Database

CVE

CWE

Training

CVE-2019-14205

Published: Jul 21, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html

x_refsource_MISC

https://wordpress.org/plugins/adaptive-images/#developers

x_refsource_MISC

https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown

x_refsource_MISC

https://wpvulndb.com/vulnerabilities/9468

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.