ThreatPress

WordPress Vulnerabilities Database

Back

WordPress E-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download

Product
E-Commerce Shop Styling
Description
E-Commerce Shop Styling plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer.
Solution
Upgrade the plugin.
Classification
Type Arbitrary File Download
References
Exploit-DB
CVE
Name CVE- 2015-5468
Versions
Affected In <= 2.5
Fixed In 2.6
Disclosure date
2015-07-08
Credits
Larry W. Cashdollar