virus logo Intrusion Prevention

WordPress.WPTouch.Authenticated.File.Upload

description-logoDescription

This indicates an attack attempt against an arbitrary File Upload vulnerability in WPtouch Plugin for WordPress.
The vulnerability is due to insufficient input validation and design error in the application when handling an unauthenticated file upload. It allows a remote attacker to upload an arbitrary file onto vulnerable systems.

affected-products-logoAffected Products

WPtouch Plugin for WordPress 3.4.2 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://wordpress.org/plugins/wptouch/changelog/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-01 14.540 Name:Wordpress.
WPTouch.
Authenticated.
File.
Upload:WordPress.
WPTouch.
Authenticated.
File.
Upload

References

https://wordpress.org/plugins/wptouch/changelog/
ID 38971
Created Sep 16, 2014
Updated Mar 23, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS All
Affected App PHP_app