oss-sec mailing list archives
CVE request: WordPress plugin wysija-newsletters remote file upload
From: Henri Salo <henri () nerv fi>
Date: Wed, 2 Jul 2014 11:03:16 +0300
Can I get 2014 CVE for remote file upload vulnerability in WordPress plugin wysija-newsletters, thanks. Plugin name: MailPoet Newsletters Plugin page: https://wordpress.org/plugins/wysija-newsletters/ Fixed in: 2.6.7 Discovered and reported by Sucuri Reference: http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html Also detected by wpscan-tool: https://github.com/wpscanteam/wpscan/commit/f9b10dc9db45f400918348b777f662c7140ee5fe I can provide diffs between the versions if needed. --- Henri Salo
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request: WordPress plugin wysija-newsletters remote file upload Henri Salo (Jul 02)
- Re: CVE request: WordPress plugin wysija-newsletters remote file upload cve-assign (Jul 08)