WordPress Vithy Theme - Arbitrary File Upload

vithy

Software
Vithy
Versions
<= 1.0
Disclosure date
2014-08-01
CVE
CVE-N/A
Credits
Classification
Arbitrary File Upload
OWASP Top 10
A1: Injection

Are your websites subject to this vulnerability?

Details

WordPress ColdFusion theme is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer.

Solution

Update the theme.

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.