ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Zingiri Plugin <= 2.2.3 - Remote Code Execution

Product
Zingiri
Description
WordPress Zingiri plugin's "ajax_save_name.php" parameter is prone to a remote code execution vulnerability. It allows attackers to execute arbitrary PHP code.
Solution
Update the plugin.
Classification
Type Arbitrary Code Execution
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.2.3
Fixed In 2.2.4
Disclosure date
2011-11-13
Credits
EgiX