Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackLarry W. CashdollarPATCHSTACK:3E64E6D0A05A02D38993A6448C40D5E9
HistoryJun 05, 2015 - 12:00 a.m.

WordPress XCloner Plugin <= 3.1.2 - Multiple vulnerabilities

2015-06-0500:00:00
Larry W. Cashdollar
patchstack.com
8

EPSS

0.008

Percentile

81.8%

JSON

This XCloner plugin is prone to an authenticated command execution and XSS. Because of multiple vulnerabilities in cloner.functions.php, remote authenticated users can execute arbitrary commands via a file containing filenames with shell metacharacters.

Solution

           Update the plugin.

Related

prion 1
cvelist 1
nvd 1
cve 1
packetstorm 1
wpvulndb 1
securityvulns 1
prion
prion
Design/Logic Flaw
2015-06-17 18:59:00
cvelist
cvelist
CVE-2015-4336
2015-06-17 18:00:00
nvd
nvd
CVE-2015-4336
2015-06-17 18:59:04
cve
cve
CVE-2015-4336
2015-06-17 18:59:04
packetstorm
packetstorm
WordPress XCloner 3.1.2 XSS / Command Execution
2015-05-31 00:00:00
wpvulndb
wpvulndb
XCloner - Backup and Restore 3.1.2 - XSS & Command Execution
2015-05-10 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-06-08 00:00:00

EPSS

0.008

Percentile

81.8%

JSON
Related for PATCHSTACK:3E64E6D0A05A02D38993A6448C40D5E9
prion1cvelist1nvd1cve1packetstorm1wpvulndb1securityvulns1