Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin prior to 1.8.8.1 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/wpdb/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cdsincdesign simple_dropbox_upload_form |
||
cdsincdesign simple_dropbox_upload_form 0.5.0 |
||
cdsincdesign simple_dropbox_upload_form 1.0.0 |
||
cdsincdesign simple_dropbox_upload_form 1.1.0 |
||
cdsincdesign simple_dropbox_upload_form 1.1.1 |
||
cdsincdesign simple_dropbox_upload_form 1.1.2 |
||
cdsincdesign simple_dropbox_upload_form 1.2.0 |
||
cdsincdesign simple_dropbox_upload_form 1.3.0 |
||
cdsincdesign simple_dropbox_upload_form 1.3.1 |
||
cdsincdesign simple_dropbox_upload_form 1.4.0 |
||
cdsincdesign simple_dropbox_upload_form 1.5.0 |
||
cdsincdesign simple_dropbox_upload_form 1.5.1 |
||
cdsincdesign simple_dropbox_upload_form 1.5.2 |
||
cdsincdesign simple_dropbox_upload_form 1.5.3 |
||
cdsincdesign simple_dropbox_upload_form 1.6.0 |
||
cdsincdesign simple_dropbox_upload_form 1.7.0 |
||
cdsincdesign simple_dropbox_upload_form 1.8.0 |
||
cdsincdesign simple_dropbox_upload_form 1.8.1 |
||
cdsincdesign simple_dropbox_upload_form 1.8.2 |
||
cdsincdesign simple_dropbox_upload_form 1.8.3 |
||
cdsincdesign simple_dropbox_upload_form 1.8.4 |
||
cdsincdesign simple_dropbox_upload_form 1.8.5 |
||
cdsincdesign simple_dropbox_upload_form 1.8.6 |
||
cdsincdesign simple_dropbox_upload_form 1.8.7 |