CVE-2012-1786
Video Embed & Thumbnail Generator < 2.0 - Unauthenticated Installation Path Exposure
Title source: llmDescription
The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52652
Patch x_refsource_confirm
http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924
Product x_refsource_confirm
http://wordpress.org/extend/plugins/video-embed-thumbnail-generator/changelog/
Scores
EPSS
0.0230
EPSS Percentile
81.3%
Details
CWE
CWE-200
Status
published
Products (9)
kylegilman/video_embed_\&_thumbnail_generator
0.2
kylegilman/video_embed_\&_thumbnail_generator
0.2.1
kylegilman/video_embed_\&_thumbnail_generator
1.0
kylegilman/video_embed_\&_thumbnail_generator
1.0.1
kylegilman/video_embed_\&_thumbnail_generator
1.0.2
kylegilman/video_embed_\&_thumbnail_generator
1.0.3
kylegilman/video_embed_\&_thumbnail_generator
1.0.4
kylegilman/video_embed_\&_thumbnail_generator
1.0.5
kylegilman/video_embed_\&_thumbnail_generator
< 1.1
Published
Mar 19, 2012
Tracked Since
Feb 18, 2026