ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Work The Flow Plugin - Upload Vulnerability

Product
Work The Flow
Description
This vulnerability allows an attacker to upload arbitrary PHP code and execute it.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.5.2
Fixed In 2.5.3
Disclosure date
2015-04-21
Credits
metasploit