Wordpress Slider Revolution Arbitrary File Download Vulnerability

Summary

Wordpress Slider Revolution is prone to an arbitrary file download vulnerability

Impact

Exploiting this issue could allow an attacker to compromise the application and the underlying system other attacks are also possible.

Solution

Ask the vendor for an update

Detection

Send a crafted HTTP GET request and check the response

References

http://h3ck3rcyb3ra3na.wordpress.com/2014/08/15/wordpress-slider-revolution-responsive-4-1-4-arbitrary-file-download-0day/

Updated on 2015-03-25

Severity

High Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities