CVE-2015-1365

Currently unrated

Key Information:

Vendor: Wordpress
Status: Pixabay Images
Vendor: CVE Published:; 27 January 2015

Summary

Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.

References

http://seclists.org/fulldisclosure/2015/Jan/75

mailing-listx_refsource_FULLDISC

https://plugins.trac.wordpress.org/changeset?sfp_email=&s...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/100036

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 27, 2015
Vulnerability Reserved
Jan 27, 2015