This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote web server contains a PHP script that is affected by a
local file inclusion vulnerability.
The Ajax Pagination (twitter Style) plugin for WordPress installed on
the remote host is affected by a local file inclusion vulnerability
because it fails to properly sanitize user-supplied input to the
'loop' parameter of the '/wp-admin/admin-ajax.php' script. A remote,
unauthenticated attacker can exploit this issue to execute arbitrary
PHP scripts on the remote host.
See also :
Unknown at this time.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : true
Family: CGI abuses
Nessus Plugin ID: 73378 ()
Bugtraq ID: 66526