ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Image Manager Plugins - Shell Upload

Product
Image Manager
Description
These Image Manager plugins suffer from a remote shell upload vulnerability, in which the administrator or author could upload shell script, in the other words, default settings. The vulnerability allows the attackers to upload files via POST method with multiple extensions to an unauthorized access them on application-side of the service.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In 1.0
Fixed In 1.1
Disclosure date
2009-12-05
Credits
DigitALL