CVE-2016-20082

Published
View on NVD ↗
CVSS v3
6.2
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the action parameter. Attackers can send GET requests to abtest_admin.php with malicious action values to include files from the admin directory and execute arbitrary code.

wp-plugins/abtest
wp-plugins/abtest
WordPress.org Plugin Mirror
GitHubGitHub
1