Main Vulnerability Database Vulnerabilities #VU8452

Backdoor in Display Widgets - #VU8452

Published: September 15, 2017

Vulnerability identifier: #VU8452

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: N/A

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: David Law

Affected software:
Display Widgets

Detailed vulnerability description

The vulnerability allows a remote attacker to disclose important data on the target system.

The weakness exists due to presence of backdoor in Display Widgets Plugin for WordPress.

Remediation

Update to version 3.0.0.

Sources

https://stallion-theme.co.uk/display-widgets-plugin-review/

Backdoor in Display Widgets - #VU8452

Detailed vulnerability description

Remediation

Sources

Please verify you're human