Date: Thu, 24 Jul 2014 21:11:24 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE request: WordPress plugin vitamin traversal arbitrary file access Can I get 2012 CVE for WordPress plugin vitamin path parameter traversal arbitrary file access vulnerability, thanks. Files: add_headers.php, minify.php Affected: 1.0 Fixed in: 1.1 Short description of plugin: Vitamin is about SEO, speed and security. It includes sitemaps for SEO, cache for speed, antispam and hacker blocks for security. Plugin page: http://wordpress.org/plugins/vitamin/ Changelog: http://wordpress.org/plugins/vitamin/changelog/ OSVDB: http://osvdb.org/84463 http://osvdb.org/84464 SCM: https://plugins.trac.wordpress.org/changeset/582232/vitamin --- Henri Salo [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ