CVE-2014-10021

2015-01-13T11:59:00
ID CVE-2014-10021
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/. <a href="http://cwe.mitre.org/data/definitions/434.html">CWE-434: Unrestricted Upload of File with Dangerous Type</a>