The Sandbox theme for WordPress, up to and including version 1.6.1, is vulnerable to malicious files being uploaded to the affected website’s server. This is because the uploadify.php file does not validate the type of file that can be uploaded. If malicious files are uploaded, it can lead to remote code execution which can let an attacker control the website.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
