3 matches found
CVE-2014-10021
The CVE-2014-10021 entry concerns the WP Symposium WordPress plugin (version 14.11). It describes an unauthenticated, unrestricted file upload vulnerability in UploadHandler.php that allows an attacker to upload a file with an executable extension and then access it via a direct URL to execute ar...
CVE-2014-10021
creationtimestamp| type| source ---|---|--- 2015-01-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35778 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpsymposiumshellupload.rb 2025-10-23 21:12:57+00:00|...
WordPress Symposium Plugin Unauthenticated Shell Upload (CVE-2014-10021)
WordPress Symposium plugin allows user to upload files without proper validation of file type. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...