Kishore Asokan Kish Guest Posting Plugin vulnerabilities
2 known vulnerabilities affecting kishore_asokan/kish_guest_posting_plugin.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2012-1125P2MEDIUMCVSS 6.8PoC≤ 1.1v1.02012-10-08
CVE-2012-1125 [MEDIUM] CVE-2012-1125: Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter.
nvd
CVE-2012-5318P3MEDIUMCVSS 6.8PoCv1.22012-10-08
CVE-2012-5318 [MEDIUM] CVE-2012-5318: Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified by the folder parameter. NOTE: this vulnerability exists because
nvd