ThreatPress

WordPress Vulnerabilities Database

Back

WordPress e-Commerce Plugin <= 3.4 - Unrestricted File Upload

Product
E-commerce
Description
Because of this vulnerability in image_processing.php, the attackers can execute arbitrary code by uploading a file with an executable extension.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
References
CVE Mitre
CVE
Name CVE-2008-6811
Versions
Affected In <= 3.4
Fixed In 3.5
Disclosure date
2009-05-17
Credits
t0pP8uZz