CVE-2015-2194
NONE EPSS 86.5%
Published Mar 3, 201511y ago · Modified Jun 17, 20262w ago
Published Mar 3, 2015 11y ago
Last Modified Jun 17, 2026 2w ago
Description
Unrestricted file upload vulnerability in the fusion_options function in functions.php in the Fusion theme 3.1 for Wordpress allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension in a fusion_save action, then accessing it via unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
86.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| digitalnature | fusion | 3.1 | any |
References 3
- packetstormsecurity.com http://packetstormsecurity.com/files/130397/WordPress-Fusion-3.1-Arbitrary-File-Upload.html
- securityfocus.com http://www.securityfocus.com/bid/75341
- wpvulndb.com https://wpvulndb.com/vulnerabilities/7795
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.