CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5324

Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to store a file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.0%

CVSS Severity

CVSS v2 Score 6.5

References

http://jvn.jp/en/jp/JVN87863382/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000112
http://jvn.jp/en/jp/JVN87863382/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000112

Products affected by CVE-2014-5324

Najeebmedia » N-Media File Uploader » Version: Any

cpe:2.3:a:najeebmedia:n-media_file_uploader:*
Najeebmedia » N-Media File Uploader » Version: 3.0

cpe:2.3:a:najeebmedia:n-media_file_uploader:3.0
Najeebmedia » N-Media File Uploader » Version: 3.1

cpe:2.3:a:najeebmedia:n-media_file_uploader:3.1
Najeebmedia » N-Media File Uploader » Version: 3.2

cpe:2.3:a:najeebmedia:n-media_file_uploader:3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5324

Products

Pricing

Contact Us