ThreatPress

WordPress Vulnerabilities Database

Back

WordPress TimThumb WebShot Plugin 2.8.13 - Remote Code Execution

Product
TimThumb WebShot
Description
TimThumb WebShot plugin is prone to a remote code execution vulnerability, because of script does not check remotely cached files properly. Also, it can attack URL.
Solution
Upgrade the plugin.
Classification
Type Arbitrary Code Execution
References
Exploit-DB
CVE
Name CVE- 2014-4663
Versions
Affected In <= 2.8.13
Fixed In 2.8.14
Disclosure date
2014-06-24
Credits
@u0x