2 matches found
CVE-2015-2194
Unrestricted file upload vulnerability in the fusionoptions function in functions.php in the Fusion theme 3.1 for Wordpress allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension in a fusionsave action, then accessing it via unspecified vector...
CVE-2015-2194
CVE-2015-2194 (WordPress Fusion Theme 3.1): Unrestricted file upload in the Fusion theme’s fusion_options function (functions.php) allows an authenticated user to upload a file with an executable extension via fusion_save and then access it to execute arbitrary code. Public sources corroborate an...