In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
pluck | eq | 4.7.13 | |
pluck | eq | 4.7.11 | |
pluck | eq | 4.7.15 | |
pluck | eq | 4.7.16-dev3 | |
pluck | eq | 4.7.9-dev3 | |
pluck | eq | 4.7.11-dev2 | |
pluck | eq | 4.7 | |
pluck | eq | 4.7.3 | |
pluck | eq | 4.7.9-dev1 | |
pluck | eq | 4.7.8 |