ThreatPress

WordPress Vulnerabilities Database

Back

WordPress OptimizePress Theme <= 1.60 - File Upload Vulnerability

Product
OptimizePress
Description
Multiple unrestricted file upload vulnerabilities, the attackers can execute arbitrary code by uploading a file with an executable extension, then accessing it.
Solution
Update the theme.
Classification
Type Remote File Inclusion
References
CVE Mitre
CVE
Name CVE-2013-7102
Versions
Affected In <= 1.60
Fixed In 1.61
Disclosure date
2013-12-14
Credits
Eagle Eye