ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Ultimate Product Catalogue Plugin <= 3.1.1 - Unauthenticated File Upload

Product
Ultimate Product Catalogue
Description
Remote unauthenticated attacker can exploit this issue by sending a specially-crafted HTTP POST request.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
References
Github
CVE
Name CVE-N/A
Versions
Affected In <= 3.1.1
Fixed In 3.1.2
Disclosure date
2015-04-22
Credits
Luca Ercoli
Submitter
ThreatPress