ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Real Estate 7 theme 2.5.6 - Authenticated Arbitrary File Upload vulnerability

Product
Real Estate 7
Description
The Authenticated Arbitrary File Upload vulnerability found by WPHutte in WordPress Real Estate 7 theme version 2.5.6
Solution
Update WordPress Real Estate 7 theme to the latest available version (at least version 2.5.9)
Classification
Type Arbitrary File Upload
OWASP Top 10 A4: Insecure Direct Object References
References
WPHutte
CVE
Name CVE-N/A
Versions
Affected In 2.5.6
Fixed In 2.5.9
Disclosure date
2017-04-15
Credits
WPHutte
Submitter
ThreatPress