WordPress – KenBurner Slider Local File Inclusion (LFI)


Kayran has detected that you’re using the Responsive KenBurner Slider WordPress plugin.
This local file inclusion (LFI) vulnerability exists because the ‘image_view.class.php’ script fails to properly sanitize user-supplied input to its ‘img’ parameter.

By exploiting this vulnerability, attackers can download any file they please, even your wp-config.php file.
With that file, they can steal the database’s credentials, which then allows them to initiate attacks against the website via the database.


To deal with it, upgrade the vulnerable KenBurner Slider WordPress plugin to version 1.8, the version in which this vulnerability was fixed.
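To check whether the script was probed before the upgrade, the access log can be reviewed for requests to ‘image_view.class.php’ whose ‘img’ value does not look like an image path. The following is an added example, not Kayran's or the plugin's code; the log lines are constructed, `PLUGIN_DIR` is a placeholder for the plugin's real directory, and the image-extension allow-list is an assumption.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

SCRIPT, PARAM = "image_view.class.php", "img"        # named in the advisory
IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif", ".webp")  # assumed allow-list
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log; PLUGIN_DIR is a placeholder, not the real path.
BASE = "/wp-content/plugins/PLUGIN_DIR/" + SCRIPT
SAMPLE_LOG = [
    f'198.51.100.4 - - [01/Jan/2024:10:00:01 +0000] "GET {BASE}?img=uploads/banner.jpg HTTP/1.1" 200 5120',
    f'203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET {BASE}?img=../../wp-config.php HTTP/1.1" 200 3011',
    f'203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET {BASE}?img=%252e%252e%252fwp-config.php HTTP/1.1" 200 3011',
    '198.51.100.9 - - [01/Jan/2024:10:00:12 +0000] "GET /index.php?img=../x HTTP/1.1" 404 0',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so the checks see the final path."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(log_line):
    """Return the reasons a request to the script looks like LFI, or []."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/" + SCRIPT):
        return []  # a different script, out of scope for this check
    reasons = []
    for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
        value = fully_decode(raw).replace("\\", "/").lower()
        if ".." in value.split("/"):
            reasons.append("path traversal")
        if value.startswith("/") or re.match(r"[a-z]:/", value):
            reasons.append("absolute path")
        if not value.endswith(IMAGE_EXT):
            reasons.append("non-image target")
    return reasons

def scan(lines):
    """Return (1-based line number, reasons) for every suspicious line."""
    hits = ((n, classify(line)) for n, line in enumerate(lines, 1))
    return [(n, r) for n, r in hits if r]

if __name__ == "__main__":
    for line_no, reasons in scan(SAMPLE_LOG):
        print(line_no, ", ".join(reasons))
```

A hit with a 200 response and a non-image target means a file may have been served, so the database credentials in wp-config.php should be rotated in addition to upgrading.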


