Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 21 Jun 2015 13:50:47 +0200
From: 0pc0deFR <0pc0defr@...il.com>
To: OSS Securty <oss-security@...ts.openwall.com>, cve-assign@...re.org
Cc: dr.abhishek_ghosh@...mail.com
Subject: Wordpress Plugin: FTP To Zip 1.8

Hello,

The FTP To Zip 1.8 wordpress plugin is vulnerable to unauthenticated
execution. With vulnerability, you can create a zip archive for Wordpress
install and you can download this archive (
http://domain.tld/wp-content/plugins/ftp-to-zip/backup.php).
A need CVE please.

Download plugin: https://downloads.wordpress.org/plugin/ftp-to-zip.1.8.zip

--
Cordialement,

Kévin FALCOZ alias 0pc0deFR - Consultant Expert WordPress -
http://wordpress-expertise.fr

--
Regards,

Kévin FALCOZ aka 0pc0deFR - WordPress Expert Consultant -
http://wordpress-expertise.fr

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ