GHSA-qgcw-xhvq-jg68MediumCVSS 6.2

WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated...

Published
June 15, 2026
Last Modified
June 15, 2026

🔗 CVE IDs covered (1)

📋 Description

WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the action parameter. Attackers can send GET requests to abtest_admin.php with malicious action values to include files from the admin directory and execute arbitrary code.

🔗 References (5)