High severity7.5NVD Advisory· Published Mar 19, 2018· Updated Jun 17, 2026
CVE-2018-7422
CVE-2018-7422
Description
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.1.1
Patches
Vulnerability mechanics
References
3- seclists.org/fulldisclosure/2018/Mar/40nvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/44340/nvdExploitThird Party AdvisoryVDB Entry
- wpvulndb.com/vulnerabilities/9044nvdThird Party Advisory
News mentions
0No linked articles in our index yet.