Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and previous versions for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
holding pattern project holding pattern |