ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Tevolution <= 2.2.7 - Unrestricted File Upload

Product
Tevolution
Description
Because of this vulnerability, the attackers can upload malicious files or scripts by using the front-end uploader.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
OWASP Top 10 A1: Injection
References
Templatic
CVE
Name CVE-N/A
Versions
Affected In <= 2.2.7
Fixed In 2.2.8
Disclosure date
2016-04-23
Submitter
ThreatPress