Security Advisory

CVE-2021-38360

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-10 13:35:04

Last updated 2025-03-31 18:22:52

Assigner Wordfence

State PUBLISHED

Description

The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0.

← Browse all CVEs View on cve.org ↗