CVE-2012-6651

Name of the Vulnerable Software and Affected Versions Vitamin plugin for WordPress versions prior to 1.1.0

Description The issue allows remote attackers to access arbitrary files due to multiple directory traversal vulnerabilities. This can be achieved by including a .. (dot dot) in the path parameter to specific API endpoints, such as "add headers.php" or "minify.php".

Recommendations For Vitamin plugin for WordPress versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.