Описание
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wpsymposiumpro:wp_symposium:14.11:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 99%
0.77231
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
EPSS
Процентиль: 99%
0.77231
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other