CVE-2023-5199: php-to-page.php in php-to-page/trunk – WordPress Plugin Repository
The PHP to Page plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above to include local files and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily.
**source: php-to-page/trunk/php-to-page.php @ 441028**
Last change on this file since 441028 was 441028, checked in by , 12 years ago
Update render issue
File size: 765 bytes
```php
<?php
/*
Plugin Name: PHP to Page
Plugin URI: http://studio.bloafer.com/wordpress-plugins/php-to-page/
Description: Keep your PHP and WordPress seperate, using the shortcode [php-to-page] you can include PHP files in your pages.
Version: 0.3
Author: Kerry James
Author URI: http://studio.bloafer.com/
*/

function php_to_page_shortcode_handler( $args, $content = null ){
	$output = "";
	if( is_feed() )
		return '';

	if(!isset($args["file"])){
		$args["file"] = false;
	}
	if($args["file"]){
		// CVE-2023-5199: the "file" shortcode attribute comes straight from the
		// post content and is passed to include with no path restriction at all.
		if(file_exists($args["file"])){
			ob_start();
			include $args["file"];
			$output = ob_get_contents();
			ob_end_clean();
		}
	}
	return html_entity_decode($output);
}

add_shortcode('php-to-page', 'php_to_page_shortcode_handler');

?>
```
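For comparison, the following is an added hardened replacement for the shortcode handler; it is not the plugin's own code. It assumes a dedicated include directory under wp-content/php-to-page/ (hypothetical) and a policy that only posts written by a user holding edit_others_posts (Editor and above by default) may trigger the include; both are choices made here, not something the plugin ships.

```php
<?php
// Added example, not the plugin's code: a hardened php_to_page shortcode handler.
// Assumptions: includable files live under wp-content/php-to-page/ (hypothetical
// directory), and the author of the post carrying the shortcode must hold
// edit_others_posts, so a low-privileged account cannot trigger an include.

define( 'PHP_TO_PAGE_SAFE_DIR', WP_CONTENT_DIR . '/php-to-page' );

function php_to_page_shortcode_handler_hardened( $args, $content = null ) {
    if ( is_feed() ) {
        return '';
    }

    // Normalise attributes; "file" is the only one the plugin uses.
    $args = shortcode_atts( array( 'file' => '' ), $args, 'php-to-page' );
    $file = (string) $args['file'];

    // Accept only a plain basename ending in .php: this rules out "../",
    // absolute paths, null bytes and stream wrappers such as php://filter.
    if ( ! preg_match( '/\A[A-Za-z0-9_-]+\.php\z/', $file ) ) {
        return '';
    }

    // Resolve the path and confirm it is still inside the allow-listed
    // directory (realpath() follows symlinks, so a planted link cannot escape).
    $base = realpath( PHP_TO_PAGE_SAFE_DIR );
    $path = realpath( PHP_TO_PAGE_SAFE_DIR . DIRECTORY_SEPARATOR . $file );
    if ( false === $base || false === $path
        || 0 !== strpos( $path, $base . DIRECTORY_SEPARATOR ) ) {
        return '';
    }

    // The shortcode renders for every visitor, so the check must be on the
    // author of the post that contains it, not on the current viewer.
    $post = get_post();
    if ( ! $post || ! author_can( $post, 'edit_others_posts' ) ) {
        return '';
    }

    ob_start();
    include $path; // only a file from the allow-listed directory reaches here
    return ob_get_clean();
}

add_shortcode( 'php-to-page', 'php_to_page_shortcode_handler_hardened' );
```

The original html_entity_decode() call on the output is dropped on purpose: decoding entities after the include would undo any escaping the included file applied to its own output.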