WordPress Plugin Vulnerabilities

Estatik < 2.3.1 - Arbitrary File Upload

Description

The Estatik Real Estate Plugin WordPress plugin was affected by an Arbitrary File Upload security vulnerability.

Affects Plugins

Plugin icon
estatik
Fixed in 2.3.1

References

CVE
CVE-2016-10958
CVE
CVE-2016-10959
URL
https://www.pluginvulnerabilities.com/2016/08/01/arbitrary-file-upload-vulnerability-in-estatik/
URL
https://estatik.net/estatik-released-security-updates/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
cc30bf51-69f3-49e2-84f5-efc74f3fffcf

Timeline

Publicly Published
2016-08-01 (about 9 years ago)
Added
2016-08-12 (about 9 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2026-03-23
Title
JupiterX Core < 4.14.2 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import
Published
2024-10-15
Title
File Manager Pro < 8.3.10 - Unauthenticated Backup File Download and Upload
Published
2014-08-01
Title
Rent A Car 1.0 - Shell Upload
Published
2026-03-02
Title
ThemeREX Addons < 2.38.5 - Unauthenticated Arbitrary File Upload
Published
2025-05-27
Title
MasterStudy LMS Pro < 4.7.1 - Authenticated (Subscriber+) Arbitrary File Upload