WordPress Plugin Vulnerabilities

Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution

Description

The Lazy SEO WordPress plugin was affected by a lazyseo.php File Upload Arbitrary Code Execution security vulnerability.

Affects Plugins

Plugin icon
lazy-seo
Fixed in 1.4.0

References

CVE
CVE-2013-5961
Exploitdb
28452
URL
https://packetstormsecurity.com/files/#123349/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/87384

Miscellaneous

Verified
No
WPVDB ID
5fe2f5bd-e30b-4a59-8948-f441947c8d26

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2026-05-06
Title
Slider Revolution 7.0.0 - 7.0.10 - Subscriber+ Arbitrary File Upload via _get_media_url
Published
2015-12-23
Title
NextGEN Gallery < 2.1.15 - Unrestricted File Upload
Published
2015-06-09
Title
Aviary Image Editor Add-on For Gravity Forms <= 3.0beta - Unauthenticated File Upload
Published
2024-01-31
Title
Icons Font Loader < 1.1.5 - Authenticated(Administrator+) Arbitrary File Upload
Published
2023-11-01
Title
Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.7.4 - Unauthenticated Arbitrary File Upload