### [CVE-2018-7422](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7422)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2018/Mar/40
- https://wpvulndb.com/vulnerabilities/9044
- https://www.exploit-db.com/exploits/44340/

#### Github
- https://github.com/0x00-0x00/CVE-2018-7422
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/El-Palomo/SYMFONOS
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/HeiTang/ZYXEl-CTF-WriteUp
- https://github.com/JacobEbben/CVE-2018-7422
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/jessisec/CVE-2018-7422
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/vshaliii/Symfonos1-Vulnhub-walkthrough