CVE-2012-3574

2012-06-16T00:55:00
ID CVE-2012-3574
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/temp.