Security for everyone

CVE-2018-16299 Scanner

Detects 'Directory Traversal' vulnerability in Localize My Post plugin for Wordpress affects v. 1.0.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2018-16299 Scanner Detail

The Localize My Post plugin for WordPress is a tool used to help website owners translate their posts and pages into multiple languages. It is a useful way to expand the reach of your content to a global audience. The plugin works by translating the content in the backend and creating a duplicate version to be displayed in the chosen language on the frontend. This makes it easier for users to consume the content in their preferred language. 

However, it has been discovered that the plugin has a vulnerability, specifically the CVE-2018-16299 vulnerability. This vulnerability allows for Directory Traversal via the ajax/include.php file parameter. Essentially, unauthenticated users can access files on the server and potentially gain access to sensitive information. This leaves websites with the plugin installed vulnerable to malicious attacks. 

If left unaddressed, this vulnerability can lead to serious data breaches and compromise sensitive information. Attackers can use this vulnerability to gain access to files with important information such as user credentials, financial information, and other sensitive data. Moreover, this vulnerability can allow attackers to launch other types of attacks such as cross-site scripting or even full-scale takeover of the website. 

In conclusion, the Localize My Post plugin vulnerability can prove to be a significant threat to websites using the plugin. However, with the right precautions, website owners can ensure that their website and sensitive information remains safe and secure. By leveraging the security features of the platform, readers of this article can easily and effectively stay up to date on potential vulnerabilities and protect their digital assets.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture