E18-5m4l2
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2018
Description
This strike exploits a command injection vulnerability in WordPress Plugin Plainview Activity Monitor. The vulnerability is due to improper sanitization of the ip parameter under lookup mode. By successfully exploiting this vulnerability, an authenticated attacker could perform remote code execution on the target server.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}