VYPR

wordTube

by WordPress

CVEs (2)

  • CVE-2007-2481May 3, 2007
    risk 0.06cvss epss 0.40

    PHP remote file inclusion vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.

  • CVE-2007-2482May 3, 2007
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the wpPATH parameter.