ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Daily Deal Theme - Arbitrary Shell Upload Vulnerability

Product
Daily Deal
Description
Daily Deal theme is prone to an arbitrary shell upload vulnerability that exists because application fails to adequately clean up user-supplied input. It allows an attacker to upload arbitrary files to the affected computer.
Solution
Upgrade the theme.
Classification
Type Remote File Inclusion
OWASP Top 10 A1: Injection
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2013-10-23
Credits
DevilScreaM