Intrusion Prevention

WordPress.Plugin.Sniplets.File.Inclusion

Description

This indicates an attempt to exploit a Remote File Include vulnerability in WordPress Plugin Sniplets.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious request. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

Sniplets 1.1.2 and 1.2.2 plugin for WordPress

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Improve the web page back-end source code to verify client requests properly.

CVE References

CVE-2008-1059