WordPress Plugin Vulnerabilities

Creative Contact Form < 1.0.0 - Shell Upload

Description

The Creative Contact Form WordPress plugin was affected by a Shell Upload security vulnerability.

Affects Plugins

Plugin icon
sexy-contact-form
Fixed in 1.0.0

References

CVE
CVE-2014-8739
Exploitdb
35057
URL
exploit/unix/webapp/wp_creativecontactform_file_upload
URL
https://packetstormsecurity.com/files/#131513/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
Yes
WPVDB ID
43471c75-abac-4b21-9630-91f4a322573b

Timeline

Publicly Published
2014-10-23 (about 11 years ago)
Added
2014-10-27 (about 11 years ago)
Last Updated
2020-10-25 (about 5 years ago)

Other

Published
Title
Published
2024-02-15
Title
WP Media folder < 5.7.3 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2020-04-02
Title
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
Published
2023-11-14
Title
Slider Revolution < 6.6.16 - Authenticated (Author+) Arbitrary File Upload
Published
2020-11-05
Title
Augmented Reality <= 1.2.0 - Unauthenticated PHP File Upload leading to RCE
Published
2024-11-08
Title
Image Classify <= 1.0.0 - Unauthenticated Arbitrary File Upload