Themes Vulnerabilities

Phototouch < 1.2.2 - Arbitrary File Upload via themify-ajax.php

Description

The phototouch WordPress theme was affected by an Arbitrary File Upload via themify-ajax.php security vulnerability.

Affects Themes

phototouch
Fixed in 1.2.2

References

URL
https://packetstormsecurity.com/files/#124097/
URL
https://themify.me/blog/urgent-vulnerability-found-in-themify-framework-please-read
URL
https://en.0day.today/exploits/22090

Miscellaneous

Verified
No
WPVDB ID
09ff29c0-c091-4e9b-8e7b-fe7cdf8231a3

Timeline

Publicly Published
2013-11-30 (about 12 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-10-05 (about 5 years ago)

Other

Published
Title
Published
2022-02-07
Title
Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution
Published
2023-12-27
Title
TerraClassifieds <= 2.0.3 Unauthenticated Arbitrary File Upload
Published
2014-08-01
Title
Evarisk 5.1.5.4 - include/lib/actionsCorrectives/activite/uploadPhotoApres.php File Upload PHP Code Execution
Published
2023-12-12
Title
Export and Import Users and Customers < 2.4.9 - Shop Manager+ Arbitrary File Upload
Published
2024-11-13
Title
Writer Helper <= 3.1.6 - Authenticated (Subscriber+) Arbitrary File Upload