WordPress Plugin Vulnerabilities

Asset Manager - upload.php Arbitrary Code Execution

Description

The asset-manager WordPress plugin was affected by an upload.php Arbitrary Code Execution security vulnerability.

Affects Plugins

Plugin icon
asset-manager
No known fix

References

URL
https://packetstormsecurity.com/files/#113285/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/80823

Miscellaneous

Verified
No
WPVDB ID
d96ea4c0-ea9b-4a11-812b-d951b535feef

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-11-20
Title
S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator < 1.7.9 - Authenticated (Editor+) Arbitrary File Upload
Published
2025-04-14
Title
JS Job Manager <= 2.0.2 - Unauthenticated Arbitrary File Upload
Published
2024-07-08
Title
Modern Events Calendar <= 7.11.0 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2014-08-01
Title
Kino Gallery 1.0 - Shell Upload
Published
2024-09-12
Title
MStore API – Create Native Android & iOS Apps On The Cloud < 4.15.4 - Authenticated (Subscriber+) Limited Arbitrary File Upload