ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Lazy SEO Plugin 1.1.9 - Shell Upload

Product
Lazy SEO
Description
This Lazy SEO plugin is prone to a shell upload vulnerability, in which the administrator or author could upload shell script, in the other words, default settings.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-2013-5961
Versions
Affected In <= 1.1.9
Fixed In 1.2
Disclosure date
2013-09-22
Credits
Ashiyane Digital Security Team