Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart.
CPE | Name | Operator | Version |
---|---|---|---|
wpstorecart | le | 2.5.29 | |
wpstorecart | eq | 0.62 | |
wpstorecart | eq | 1.0.0 | |
wpstorecart | eq | 2.0.0 | |
wpstorecart | eq | 2.0.1 | |
wpstorecart | eq | 2.0.2 | |
wpstorecart | eq | 2.0.3 | |
wpstorecart | eq | 2.0.4 | |
wpstorecart | eq | 2.0.5 | |
wpstorecart | eq | 2.0.6 |