WordPress Multiple Third Party Plugins Multiple Vulnerabilities


Description   Multiple vulnerabilities have been identified in third-party plugins for WordPress:
- Sell Download: local file disclosure via the "file" parameter of the "wp-content/plugins/sell-downloads/sell-downloads.php" script page
- TheCartPress: local file inclusion via the "page" parameter of the "wp-content/plugins/thecartpress/modules/Miranda.class.php" script page
- TheCartPress: remote code execution via the "class" parameter of the "admin-ajax.php?action=tcp_miranda_save_admin_panel" web page
- Advanced uploader: remote file upload via the "file" POST parameter of the "wp-content/plugins/advanced-uploader/upload.php" script page
- Advanced uploader: local file disclosure via the "destinations" parameter of the "wp-content/plugins/advanced-uploader/upload.php" script page

Proofs of concept are available.
     
Vulnerable Products   Vulnerable Software:
WordPress (WordPress) -
     
Solution   No solution for the moment.
     
CVE  
     
References   - 0day.today : Wordpress Sell Download v1.0.16 Plugin Local File Disclosure Vulnerability
http://0day.today/exploit/24661
- 0day.today : Wordpress Advanced uploader v2.10 Plugin Multiple Vulnerabilities
http://0day.today/exploit/24660
- 0day.today : Wordpress TheCartPress v1.4.7 Plugin Multiple Vulnerabilities
http://0day.today/exploit/24659
     
Vulnerability Manager Detection   No
     
IPS Protection   ASQ Engine alarms:
- Directory traversal (available since 3.2.0)
- Upload of a PHP file in a vulnerable web application (available since 5.0.0)

Risk level   Moderate

Vulnerability First Public Report Date   2015-12-03

Target Type   Server

Possible exploit   Remote