50 matches found
Design/Logic Flaw
An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the...
CVE-2020-35945
CVE-2020-35945 affects WordPress environments using the Divi Builder plugin, Divi theme, and Divi Extra theme prior to 4.5.3. The vulnerability allows authenticated attackers with contributor-level or higher privileges to upload arbitrary files, including PHP, because the extension check is perfo...
PT-2021-11877
Name of the Vulnerable Software and Affected Versions: Divi Builder plugin versions prior to 4.5.3 Divi theme versions prior to 4.5.3 Divi Extra theme versions prior to 4.5.3 Description: An issue allows authenticated attackers with contributor-level or above capabilities to upload arbitrary file...
WordPress Elegant Themes Divi Theme 3.0 <= 4.5.2 Authenticated Arbitrary File Upload Vulnerability
The WordPress theme Divi by Elegant Themes is prone to an authenticated arbitrary file upload vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
VulnCheck KEV: CVE-2020-35945
An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the...
Exploit for Path Traversal in Elegantthemes Divi
WordPressMassExploiter Mass exploiter of CVE-2015-1579 for Wor...
WordPress Divi Theme Directory Traversal Vulnerability
WordPress Divi Theme is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Elegant Themes Divi Theme Directory Traversal Vulnerability
WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Elegant Themes Divi is one of the Elegant Themes. A directory traversal vulnerability exists in the WordPress Elegant...
Wordpress Theme Divi Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Theme Divi Arbitrary File Download Vulnerability Date: 08/02/2015 Exploit Author: pool and Fran73 Vendor Homepage: http://www.elegantthemes.com/gallery/divi/ Contact : email protected YM Tested on: Linux / Window Googl...
VulnCheck KEV: CVE-2015-1579
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734...