CVE-2015-1579

2015-02-11T19:59:00
ID CVE-2015-1579
Type cve
Reporter cve@mitre.org
Modified 2017-07-17T13:18:00

Description

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.