Added wysija-newsletters plugin file upload found by Sucuri

2014-07-01 18:04:09 +02:00
parent daef491d3e
commit f9b10dc9db
1 changed files with 8 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -6740,6 +6740,14 @@
  </plugin>

  <plugin name="wysija-newsletters">
+    <vulnerability>
+      <title>Wysija Newsletters - Remote File Upload</title>
+      <references>
+        <url>http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html</url>
+      </references>
+      <type>UPLOAD</type>
+      <fixed_in>2.6.7</fixed_in>
+    </vulnerability>
    <vulnerability>
      <title>Wysija Newsletters 2.2 - SQL Injection Vulnerability</title>
      <references>