- Multiple vendor applications utilize Uploadify. Uploadify is a jQuery plugin that integrates a fully-customizable multiple file upload utility on your website. Uploadify contains functionality to handle file uploads. A remote attacker could use this functionality to upload malicous executable files on the system. To test file upload capabilities, Acunetix created a file named acunetix-uploadify-test.php in the server document root.
- It is recommended to replace the Uploadify script with a script that is more secure.
- WordPress Plugin Tidio Gallery Multiple Vulnerabilities (1.1)
- WordPress Plugin PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload (1.0)
- vBSEO 3.6.0 PHP code injection
- WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.3)
- WordPress Plugin Homepage SlideShow 'upload.php' Arbitrary File Upload (2.0)