WordPress Media Library Assistant 3.09 LFI / Remote Code Execution

WordPress Media Library Assistant plugin versions prior to 3.10 are affected by an unauthenticated remote reference to Imagick() conversion which allows attacker to perform local file inclusion and remote code execution depending on the Imagick configuration on the remote server.   Exploit Files ≈ Packet Storm 

 

More To Explore

The Core of Modern Cybersecurity

Modern Cybersecurity and Security Control Validation In the ever-shifting sands of the cyber threat landscape, the need for a dynamic and robust cybersecurity posture has