Post Slides WordPress Plugin Local File Inclusion Vulnerability

A local file inclusion (LFI) vulnerability has been identified in the Post Slides WordPress plugin, affecting versions through 1.0.1. The issue arises because the plugin fails to properly validate certain shortcode attributes before using them to generate file paths for include functions. This flaw allows authenticated users with contributor or higher roles to execute LFI attacks.

Impact

Exploitation of this vulnerability allows for local file inclusion, where an attacker can include files from the server's file system. This could potentially lead to the disclosure of sensitive information, such as the wp-config.php file, or be leveraged for further attacks, such as remote code execution.

Reproduction

To reproduce this vulnerability, add a post containing the shortcode '[post-slides skin="../../../../wp-config"]'. This will trigger the inclusion of the 'wp-config.php' file, demonstrating the local file inclusion vulnerability.