WordPress Suco Themes - Arbitrary File Upload

suco

Software
Suco
Versions
<= 1.0
Disclosure date
2013-11-20
CVE
CVE-N/A
References
Credits
Classification
Arbitrary File Upload
OWASP Top 10

Are your websites subject to this vulnerability?

Details

WordPress Suco themes are prone to an arbitrary file upload vulnerability via "ajax.php". It allows an attacker to upload arbitrary files to the affected computer.

Solution

Upgrade the theme.

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.