Sonicwall Signatures
Go to
All Categories
list.
WordPress plugin Gravity Forms Remote Code Execution
Category:
WEB-ATTACKS
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/code_generator.php.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6446
© SonicWall 2020 |
Privacy Policy
|
Conditions for use
Version: 10.0
