CVE-2015-4336

2015-06-17T14:59:04
ID CVE-2015-4336
Type cve
Reporter NVD
Modified 2015-06-18T11:22:54

Description

cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrated by using the backup comments feature to create the file.