ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Aviary Image Editor Add On For Gravity Forms Plugin - Beta Shell Upload

Product
Aviary Image Editor Add On For Gravity Forms
Description
The remote file upload vulnerability is in aviary-image-editor-add-on-for-gravity-forms/includes/upload.php. Because of this vulnerability anyone can upload any file to the system.
Solution
Upgrade the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-2015-4455
Versions
Affected In <= 3.0
Fixed In 3.1
Disclosure date
2015-06-12
Credits
Larry W. Cashdollar