ThreatPress

WordPress Vulnerabilities Database

Back

WordPress FileManager Plugin <= 1.2 - Arbitrary File Upload

Product
WP FileManager
Description
Because of this vulnerability in ajaxfilemanager.php, the attackers can upload and execute arbitrary PHP code via unspecified vectors.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
References
CVE Mitre
CVE
Name CVE-2008-0222
Versions
Affected In <= 1.2
Fixed In 1.3
Disclosure date
2008-01-10
Credits
H-T Team