ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Clockstone Theme <= 1.2 - Arbitrary File Upload

Product
Clockstone
Description
This theme is prone to an arbitrary file upload vulnerability via "upload.php". It allows an attacker to upload arbitrary files to the affected computer.
Solution
Update the theme.
Classification
Type Arbitrary File Upload
References
Security Focus
CVE
Name CVE-N/A
Versions
Affected In <= 1.2
Fixed In 1.3
Disclosure date
2014-08-01
Credits
DigiP