oss-sec mailing list archives

CVE request: WordPress plugin vitamin traversal arbitrary file access

From: Henri Salo <henri () nerv fi>
Date: Thu, 24 Jul 2014 21:11:24 +0300

Can I get 2012 CVE for WordPress plugin vitamin path parameter traversal
arbitrary file access vulnerability, thanks. Files: add_headers.php, minify.php

Affected: 1.0
Fixed in: 1.1

Short description of plugin:

 Vitamin is about SEO, speed and security. It includes sitemaps for SEO, cache
 for speed, antispam and hacker blocks for security. 

Plugin page: http://wordpress.org/plugins/vitamin/
Changelog: http://wordpress.org/plugins/vitamin/changelog/
OSVDB: http://osvdb.org/84463 http://osvdb.org/84464
SCM: https://plugins.trac.wordpress.org/changeset/582232/vitamin

---
Henri Salo

Attachment: signature.asc
Description: Digital signature

Current thread:

CVE request: WordPress plugin vitamin traversal arbitrary file access Henri Salo (Jul 24)
- Re: CVE request: WordPress plugin vitamin traversal arbitrary file access cve-assign (Jul 28)