< Back to JetLib.com

jetlib.sec » Bugtraq » AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary file upload

« Expand/Collapse

Bugtraq

January 23, 2012
AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary file upload

Posted: January 23rd, 2012, 8:14am PST

Tags:

Posted by pavel on Jan 23
#Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload
#Version: < 1.1.9
#Date: 2012-01-19
#Author: 6Scan (http://6scan.com) security team
#Software Link: http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/
#Official fix: This advisory is released after the vendor was contacted and fixed the issue promptly.
#Description: Unauthorized users could upload arbitrary files to the vulnerable server, potentially...

← [SECURITY] [DSA 2391-1] phpmyadmin se... Re: pwgen: non-uniform distribution o... →