Lucene search
PRIOn knowledge basePRION:CVE-2014-9734HistoryJun 30, 2015 - 2:59 p.m.
Directory traversal
2015-06-3014:59:00
PRIOn knowledge base
www.prio-n.com
5
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a … (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| slider_revolution | le | 4.1.4 |
References
marketblog.envato.com/news/affected-themes/
marketblog.envato.com/news/plugin-vulnerability/
packetstormsecurity.com/files/132366/WordPress-Revslider-4.2.2-XSS-Information-Disclosure.html
blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
blog.sucuri.net/2014/12/revslider-vulnerability-leads-to-massive-wordpress-soaksoak-compromise.html
plugins.trac.wordpress.org/browser/patch-for-revolution-slider/trunk/revsliderpatch.php
www.exploit-db.com/exploits/34511
Related
nvd
nvd
CVE-2014-9734
2015-06-30 14:59:00
CVE-2015-1579
2015-02-11 19:59:06
patchstack
patchstack
WordPress Slider Revolution Plugin <= 4.1.4 - Arbitrary File Download
2015-03-30 00:00:00
cve
cve
CVE-2014-9734
2022-10-03 16:20:41
CVE-2015-1579
2015-02-11 19:59:06
openvas
openvas
WordPress Revslider Arbitrary File Download Vulnerability
2015-07-10 00:00:00
WordPress Slider Revolution Arbitrary File Download Vulnerability
2015-03-31 00:00:00
cvelist
cvelist
CVE-2014-9734
2022-10-03 16:20:41
CVE-2015-1579
2015-02-11 19:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Directory traversal
2015-02-11 19:59:00
packetstorm
packetstorm
WordPress Elegant Themes Divi Theme Directory Traversal Nmap NSE Script
2017-04-07 00:00:00
nuclei
nuclei
WordPress Slider Revolution - Local File Disclosure
2021-11-21 11:30:25
threatpost
threatpost
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
2020-06-03 20:37:44