ThreatPress

WordPress Vulnerabilities Database

Back

WordPress RokNewsPager Plugin - Multiple Security Vulnerabilities

Product
RokNewsPager
Description
WordPress RokStories plugin's "thumb.php" is prone to multiple security vulnerabilities, such as an arbitrary file-upload, cross-site scripting, information disclosure and denial-of-service vulnerabilities. Because of these issues, attackers can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, upload arbitrary files or perform a denial-of-service attack. Other attacks are also possible.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2013-09-18
Credits
MustLive