CVE-2015-1172 Wordpress-theme remote arbitrary code

Product: holdingpattern Vendor: Liftux Vulnerable Versions: 0.6 and prior Tested Version: 0.6 Advisory Publication: January 18, 2015 Vendor Notification: January 14, 2015 Public Disclosure: January 18, 2015 Vulnerability Type: Exec Code Authentication: Not required to exploit CVE Reference:...

WordPress Holding Pattern Theme <= 0.6 - Unrestricted File Upload

This vulnerability allows an attacker to upload arbitrary files. The application uses limited validation which means unauthorized upload is allowed. Solution Update the theme...