CVE-2014-5014

CVE-2014-5014

EPSS 3.6%

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://wordpress.org/plugins/wordpress-flash-uploader/changelog/https://wordpress.org/support/topic/vulnerability-discovered-2/