ThreatPress

WordPress Vulnerabilities Database

Back

WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion

Product
N-Media Website Contact Form with File Upload
Description
This vulnerability can be exploited to include arbitrary files. In this plugin the affected file is /wp-content/plugins/website-contact-form-with-file-upload/lib/wide-image/image-processor.php. It include the file /wp-content/plugins/website-contact-form-with-file-upload/lib/wide-image/helpers/demo.php.
Solution
Update the plugin.
Classification
Type Local File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.5
Fixed In 1.6
Disclosure date
2015-05-08
Credits
T3N38R15