wp-plugin : wp-amasin-the-amazon-affiliate-shop – Local File Inclusion


Plugin Details


Plugin Name : wp-amasin-the-amazon-affiliate-shop


Effected Version : 0.9.6 (and most probably lower version's if any)

Vulnerability : Local File Inclusion
Identified by : Anant Shrivastava



Technical Details


Minimum Level of Access Required : Unauthenticated


PoC - (Proof of Concept) :



Vulnerable Parameter : url



Disclosure Timeline


Vendor Contacted : 2014-01-28

Plugin Status : Closed
Public Disclosure : May 29, 2014
CVE Number : CVE-2014-4577

Plugin Description :
WP AMAZON enables you to open your own Amazon Affiliate Shop at your Blog. You can easily search for products to
add to your shop. The Plugin works with all Amazon Affiliate Programs including:
* www.amazon.com
* www.amazon.ca
* www.amazon.de
* www.amazon.co.uk
* www.amazon.co.jp
* www.amazon.cn
* www.amazon.es
* www.amazon.it
* www.amazon.in
* www.amazon.fr

We have developed a whole new Post Type (called 'products') in order not to mix your Blogposts with Productposts. You can easily adjust
the Layout of this Post Type with our Template Generator (works with ~90% of all Themes). By Widgets and Shortcodes you can make
your Shop browseable for your visitors. You can define, which information will be displayed on the single product page and add your
Custom Styles if you like.

After you have added a product, it automatically contains the pictures, the description and the product data which will be delivered in
a table. For every posted product, you can decided, which information you want to display. In order to fasten your application, the data
is stored in your database. By using WP Cronjobs or regular Cronjobs, you can automatically update them!

WP AMAZON includes a complete shopping cart system, you can integrate by Shortcode and Widget. We deliver more than three different Widgets,
a complete new Sidebar to create your own Product-Sidebar and more than four Shortcodes.

The product page includes all available information, customer reviews, similar products and a beautiful picture gallery.

For more information please visit our WP Amazon Page: http://www.websupporter.net/wp-amazon/

Available languages: English, Deutsch, German, Spanish, Espanol

Leave a Reply

Your email address will not be published. Required fields are marked *