Description
Kayran has detected that you’re using a Responsive KenBurner Slider WordPress Plugin.
This local file inclusion (LFI) vulnerability appeared due to a failure to properly sanitize user-supplied inputs to the ‘img’ parameter of the ‘image_view.class.php’ script.
By exploiting this vulnerability, attackers can download any file they please, even your wp-config.php file.
By doing so, he can steal the database’s credentials, which then allows him to initiate attacks against the website via the database.
Severity/Score
Average Score – 5.0 Medium
Recommendation
To deal with it, upgrade this vulnerable KenBurner Slider WordPress Plugin to version 1.8, which is the version that this vulnerability got fixed.
References
https://arbitrary321.rssing.com/chan-37141670/latest.php
