Summary
Wordpress theme 'Method' is prone to an arbitrary file download vulnerability
Impact
Exploiting this issue could allow an attacker to compromise the application and the underlying system
other attacks are also
possible.
Solution
Ask the vendor for an update
Detection
Send a crafted HTTP GET request and check the response
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
- Admin Bot 'news.php' SQL Injection Vulnerability
- Athena Web Registration remote command execution flaw