Primary

Context

Majestic Support WordPress Plugin Local File Inclusion Vulnerability

Vulnerability

Patched

A local file inclusion vulnerability has been identified in the Majestic Support WordPress plugin, affecting versions through 1.0.6. This vulnerability allows improper control of filenames in include or require statements, potentially leading to the inclusion of local files from the server.

Impact

Exploitation of this vulnerability could allow a malicious actor to include local files from the server and display their contents. This could be particularly dangerous if files containing sensitive information, such as database credentials, are accessed, as it might lead to a complete takeover of the database, depending on the configuration.

Remediation

Users of the Majestic Support WordPress plugin should update to version 1.0.7 or later to address this vulnerability. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Majestic Support WordPress Plugin Local File Inclusion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Majestic Support

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating