GHSA-qgcw-xhvq-jg68MediumCVSS 6.2
WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated...
🔗 CVE IDs covered (1)
📋 Description
WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the action parameter. Attackers can send GET requests to abtest_admin.php with malicious action values to include files from the admin directory and execute arbitrary code.