Description
WordPress Plugin Uploadify is prone to a vulnerability that lets attackers upload arbitrary files. Successful exploitation of the vulnerability allows an attacker to upload a php code for example and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation. WordPress Plugin Uploadify version 1.0 is vulnerable.
Remediation
Disable the plugin
References
Related Vulnerabilities
GlassFish CVE-2016-5528 Vulnerability (CVE-2016-5528)
Jboss EAP CVE-2016-5018 Vulnerability (CVE-2016-5018)
e107 Other Vulnerability (CVE-2007-3429)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1832)
WordPress Plugin Wholesale Market Arbitrary File Download (2.2.0)