CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Holding Pattern Project: Security Vulnerabilities

CVE-2015-1172

Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.

CVSS Score

7.5

EPSS Score

0.812

Published

2015-02-11

Page 1

Vulnerabilities

Vulnerable Software

Holding Pattern Project: Security Vulnerabilities

Products

Pricing

Contact Us