Vigil@nce - WordPress MDC YouTube Downloader: Local File Inclusion
September 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can traverse directories of WordPress MDC YouTube
Downloader, in order to read a file outside the service root path.
Impacted products: WordPress Plugins not comprehensive.
Severity: 2/4.
Creation date: 06/07/2015.
DESCRIPTION OF THE VULNERABILITY
The MDC YouTube Downloader plugin can be installed on WordPress.
However, user’s data are directly inserted in an access path.
Notably, absolute patch are accepted as is, which allows to
include any file that is readable with the web server access
rights.
An attacker can therefore Local File Inclusion via WordPress MDC
YouTube Downloader, in order to read a file outside the service
root path.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WordPress-MDC-YouTube-Downloader-Local-File-Inclusion-17312