Vulnerabilities > WP Publications Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-10 | CVE-2021-38360 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Wp-Publications Project Wp-Publications The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0. | 7.5 |