CVE-2015-1579

Published: 11/02/2015 Updated: 17/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 511
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.

Vulnerable Product

elegant themes divi -

Exploits

This NSE script for Nmap exploits a directory traversal in WordPress Elegant Themes Divi Theme ...
# Exploit Title : WordPress Slider Revolution Responsive <= 414 Arbitrary File Download vulnerability # Exploit Author : Claudio Viviani # Vendor Homepage : codecanyonnet/item/slider-revolution-responsive-wordpress-plugin/2751380 # Software Link : Premium plugin # Dork Google: revsliderphp "index of" # Date : 2014 ...
# WordPress CuckooTap Theme & eShop Arbitrary File Download # Risk: High # CWE number: CWE-200 # Author: Hugo Santiago # Contact: hugos@linuxmailorg # Date: 31/08/2014 # Vendor Homepage: themeforestnet/item/cuckootap-one-page-parallax-wp-theme-plus-eshop/3512405 # Tested on: Windows 7 and Gnu/Linux # Google Dork: "Index of" +/wp-conte ...

Github Repositories

CVE-2015-1579 - WP Revslider AFD Exploit: Wordpress Slider Revolution Responsive <= 414: Vuln Date: 24/07/2014 Exploit Author: anarc0der Version: Wordpress Slider Revolution Responsive <= 414 CVE : CVE-2015-1579 How to: python3 xplpy --url='target' Targets examples PoC (

[discontinued] Mass exploiter of CVE-2015-1579 for WordPress CMS

WordPressMassExploiter Mass exploiter of CVE-2015-1579 for WordPress CMS This mass exploiter is based on CVE-2015-1579, discovered by CLAUDIO VIVIANI (wwwexploit-dbcom/exploits/36554/) How it works: 1 - I use Selenium Framework to make the search on google 2 - The results of search, are parsed and links are stored into wordpressAFD_resultstxt file 3 - The fuzzer()