Application: WordPress
Affected Version: version 1.2.2 and other versions.
Vendor’s URL: Work The Flow File Upload Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.0.6 and other versions.
Vendor’s URL: Business Intelligence Lite Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 1.1.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.1.4 and other versions.
Vendor’s URL: The Cotton Theme
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version:
Vendor’s URL: Kiddo Theme
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: Joomla!
Affected Version: versions prior to 3.0.3.
Vendor’s URL: PROJOOM Smart Flash Header Component
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 3.0.3.
Content Management, File Inclusion
Application: WordPress
Affected Version: versions prior to 1.6.
Vendor’s URL: OptimizePress Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 1.6.
Content Management, File Inclusion
Application: WordPress
Affected Version: -
Vendor’s URL: This Way Theme
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 3.3.3 and other versions.
Vendor’s URL: Complete Gallery Manager Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.8.8 and other versions.
Vendor’s URL: Simple Dropbox Upload Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: AspxCommerce
Affected Version: version 2.0 and other versions.
Vendor’s URL: Logo Module
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
E-Commerce, File Inclusion
Application: SocialEngine
Affected Version: version 4.2.5p9 and other versions.
Vendor’s URL: Timeline Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 4.6.0.
Content Management, File Inclusion
Application: Joomla!
Affected Version: version 3.1.4 and versions prior to 2.5.14 and 3.1.5.
Vendor’s URL: Joomla!
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 2.5.14 or 3.1.5.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 2.2 and prior versions.
Vendor’s URL: Export To Text Plugin
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to version 2.3.
Content Management, File Inclusion
Application: YaBB
Affected Version: version 2.5.2.
Vendor’s URL: YaBB
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Fixed in the SVN repository.
Discussion Boards, File Inclusion
Application: WordPress
Affected Version: version 1.0.4 and other versions.
Vendor’s URL: Uploader Plugin
Bug Type: Cross-Site Scripting & File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, Cross Site Scripting, File Inclusion
Application: WordPress
Affected Version: version 1.7.2 and other versions.
Vendor’s URL: WP ecommerce Shop Styling Plugin
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to version 1.8.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.4 and other versions.
Vendor’s URL: Gallery Plugin
Bug Type: Critical
Risk Level: File Inclusion
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.4 and other versions
Vendor’s URL: ReFlex Gallery Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 1.4.2 and other versions.
Vendor’s URL: Zingiri Forum Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 1.4.4.
Content Management, File Inclusion
Application: WordPress
Affected Version: version 2.10 and prior versions.
Vendor’s URL: Browser Rejector Plugin
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to version 2.11.
Content Management, File Inclusion