WordPress Slider Revolution Shell Upload



Description
Note: The Construct, Echelon, Fusion, Method, Modular and Myriad affected themes are from the Mysitemyway, who went out of business, and the themes have been forked by BackStop Themes who does not use Revslider

Affects Plugin

fixed in version 3.0.96

Affects Themes

fixed in version 3.4
fixed in version 2.8.3
fixed in version 2.8.3
fixed in version 2.8.3
fixed in version 2.8.3
fixed in version 2.8.3
fixed in version 2.8.3

References

CVE 2014-9735
EXPLOITDB 35385
METASPLOIT exploit/unix/webapp/wp_revslider_upload_execute
URL https://whatisgon.wordpress.com/2014/11/30/another-revslider-vulnerability/

Classification

Type UPLOAD
CWE CWE-434

Miscellaneous

Submitter firefart
Submitter Website https://firefart.at/
Submitter Twitter _FireFart_
Views 21287
Verified Yes
WPVDB ID 7954

Timeline

Publicly Published 2014-11-30 (about 5 years ago)
Added 2015-05-03 (over 4 years ago)
Last Updated 2019-11-28 (11 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin