Vulnerabilities > Siteeditor
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-19 | CVE-2018-7422 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Siteeditor Site Editor 1.0.0/1.1.0/1.1.1 A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. | 7.5 |