The Urban City theme for WordPress is insecure and can be exploited by unauthenticated attackers. The vulnerability is caused by missing file type validation in the download.php file, which allows attackers to upload arbitrary files on the affected site’s server. This could lead to remote code execution, which means the attacker can take control of the server.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
