Authenticated Local File Inclusion (LFI) Vulnerability in Posts in Page | WordPress.org

Resolved digbymaass
(@digbymaass)

7 years, 2 months ago

Warning sent from the Plugin Vulnerabilities plugin…
The installed version of the Posts in Page plugin, 1.2.4, contains an authenticated local file inclusion (LFI) vulnerability. More details on the vulnerability can be found at –
https://www.pluginvulnerabilities.com/2017/02/13/authenticated-local-file-inclusion-lfi-vulnerability-in-posts-in-page/

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author ivycat
(@ivycat)

7 years, 2 months ago

We have a patch for this vulnerability that is currently in testing and should be released within 24 hours.

Plugin Author ivycat
(@ivycat)

7 years, 2 months ago

Howdy @digbymaass,

Just wanted to confirm that we released version 1.3.0 yesterday, which patches this vulnerability completely.

Thanks for your support.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Authenticated Local File Inclusion (LFI) Vulnerability in Posts in Page’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: ivycat
Last activity: 7 years, 2 months ago
Status: resolved