The Eptonic theme for WordPress was vulnerable in versions up to 1.4, due to a missing file type validation in a file called VALUMS_UPLOADER_PATH/php.php. This lack of validation meant that an unauthenticated attacker could upload any type of file to the website’s server, which could allow for remote code execution.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
