WordPress Elegance Theme - Local File Disclosure

elegance

Software
Elegance
Versions
<= 1.0
Disclosure date
2014-06-08
CVE
CVE-N/A
References
Classification
Local File Inclusion
OWASP Top 10

Are your websites subject to this vulnerability?

Details

Elegance theme's "elegance/lib/scripts/dl-skin.php" is prone to a local file disclosure vulnerability. It allows an attacker to get potentially sensitive information from local files on computers running the vulnerable application.

Solution

Upgrade the theme.

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.