Vulnerabilities

CVE-2015-5681

by Fred · 18/08/2015

Unrestricted file upload vulnerability in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in *_uploadfolder/big/.

Date published : 2015-08-18

http://seclists.org/fulldisclosure/2015/Jul/64

http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html

Similar

Tags: Cybersecurity Alert