Local File Inclusion vulnerability in Cab fare calculator WordPress plugin before 1.0.4

CVE-2022-1391 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.

Learn more about our Wordpress Pen Testing.