CVE-2015-1172
published 2015-02-11


Priority: P2, 72, high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 59.25% (99.0th percentile)
Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| holding_pattern_project | holding_pattern | <= 0.6 | |

Detection & IOCs (extracted from sources)

path: admin/upload-file.php
path: holding_pattern/admin/upload-file.php
path: holding_pattern/uploads/
other: upload_path=../uploads (base64-encoded)
  • Monitor for unauthenticated HTTP POST requests to the WordPress theme path `holding_pattern/admin/upload-file.php` — the endpoint performs no session or file validation.
  • Flag any file uploaded with a `.php` extension into the WordPress themes directory, particularly under `holding_pattern/uploads/`.
  • The exploit targets all versions of the Holding Pattern theme (0.6 and earlier); version checks against the theme readme can be used to identify vulnerable installations.
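The two log-based detections above, as an added example that is not part of the original advisory: a small scanner over web-server access log lines that raises an alert for any POST to the theme's upload handler and for any request of a PHP-executable file under `holding_pattern/uploads/`. The sample log lines are constructed, the combined-log regex and the executable-extension list (`.php`, `.php5`, `.phtml`, going slightly beyond the advisory's `.php`) are assumptions to adjust to your server.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Apache/nginx combined log format; only client, method, path and status are used.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

UPLOAD_ENDPOINT = "holding_pattern/admin/upload-file.php"  # path from the advisory
UPLOADS_DIR = "holding_pattern/uploads/"                   # path from the advisory
PHP_EXTS = {"php", "php5", "phtml"}  # assumed executable extensions; match your handler config

@dataclass
class Alert:
    rule: str
    ip: str
    path: str
    status: int

def check_line(line: str) -> Optional[Alert]:
    """Return an Alert when a log line matches one of the two advisory detections."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, method, status = m["ip"], m["method"], int(m["status"])
    path = m["path"].split("?", 1)[0].lower()  # drop query string, normalise case
    # Rule 1: any POST to the unauthenticated upload handler.
    if method == "POST" and path.endswith(UPLOAD_ENDPOINT):
        return Alert("post-to-upload-handler", ip, path, status)
    # Rule 2: a request for a PHP-executable file under the theme's uploads directory.
    if UPLOADS_DIR in path and path.rsplit(".", 1)[-1] in PHP_EXTS:
        return Alert("php-file-under-uploads", ip, path, status)
    return None

def scan_log(lines: Iterable[str]) -> List[Alert]:
    return [a for a in map(check_line, lines) if a is not None]

# Constructed sample lines (not taken from a real incident).
SAMPLE_LOG = [
    '203.0.113.5 - - [11/Feb/2015:10:00:01 +0000] "POST /wp-content/themes/holding_pattern/admin/upload-file.php HTTP/1.1" 200 312 "-" "curl/7.38"',
    '203.0.113.5 - - [11/Feb/2015:10:00:03 +0000] "GET /wp-content/themes/holding_pattern/uploads/a.php?x=1 HTTP/1.1" 200 88 "-" "curl/7.38"',
    '198.51.100.7 - - [11/Feb/2015:10:05:00 +0000] "GET /wp-content/themes/holding_pattern/uploads/logo.png HTTP/1.1" 200 4513 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [11/Feb/2015:10:05:01 +0000] "GET /wp-content/themes/holding_pattern/admin/upload-file.php HTTP/1.1" 200 120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

A GET to the upload handler is deliberately not alerted on, since only the POST carries the upload; pair the log rule with a filesystem check for `.php` files under the uploads directory, as the second bullet above suggests.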