[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Remote file upload vulnerability in mailcwp v1.99 wordpress plugin

To: Open Source Security <oss-security@xxxxxxxxxxxxxxxxxx>
Subject: Re: [FD] Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
From: "Larry W. Cashdollar" <larry0@xxxxxx>
Date: Thu, 16 Jul 2015 20:22:45 -0400

> On Jul 16, 2015, at 8:18 PM, Larry W. Cashdollar <larry0@xxxxxx> wrote:
> 
> Title: Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
> Author: Larry W. Cashdollar, @_larry0
> Date: 2015-07-09
> Download Site: https://wordpress.org/plugins/mailcwp/
> Vendor: CadreWorks Pty Ltd
> Vendor Notified: 2015-07-09 fixed in v1.110

Typo should be v1.100.



_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
  - From: Larry W. Cashdollar

Prev by Date: [FD] Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
Next by Date: [FD] OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass)
Previous by thread: [FD] Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
Next by thread: [FD] OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass)
Index(es):
- Date
- Thread