CVE-2012-3577

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/user_uploads.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nmedia:member_conversation:*:*:*:*:*:*:*:*
cpe:2.3:a:nmedia:member_conversation:1.2:*:*:*:*:*:*:*
cpe:2.3:a:nmedia:member_conversation:1.0:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

Information

Published : 2012-06-16 20:41

Updated : 2017-08-28 18:31


NVD link : CVE-2012-3577

Mitre link : CVE-2012-3577


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress

nmedia

  • member_conversation