Vulnerabilities > Siteeditor > Site Editor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-19 | CVE-2018-7422 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Siteeditor Site Editor 1.0.0/1.1.0/1.1.1 A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. | 5.0 |