ThreatPress

WordPress Vulnerabilities Database

Back

WordPress InfusionSoft Plugin - Upload Vulnerability

Product
InfusionSoft
Description
InfusionSoft plugin is prone to vulnerability that allows for arbitrary file upload and remote code execution.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-2014-6446
Versions
Affected In <= 1.5.10
Fixed In 1.5.11
Disclosure date
2014-10-09
Credits
metasploit