ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Advanced Access Manager Plugin <= 2.8.2 - Admin User File Read/Write

Product
Advanced Access Manager
Description
Because of this vulnerability, attackers can write arbitrary content to arbitrary files.
Solution
Update the plugin.
Classification
Type Arbitrary Code Execution
OWASP Top 10 A1: Injection
References
CVE Mitre
SecLists
CVE
Name CVE-2014-6059
Versions
Affected In <= 2.8.2
Fixed In 2.8.3
Disclosure date
2014-09-27
Submitter
ThreatPress