What is CVE-2013-7102?

CVE-2013-7102 is a vulnerability in Optimizepress, classified under Improper Input Validation. Published 2013-12-23.

Is CVE-2013-7102 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Optimizepress

CVE-2013-7102

Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php, and (3) media-upload-sq_button.php in lib/admin/ in the OptimizePress theme before 1.61 for WordPress allow remote attackers to execu…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.633 (98.4th percentile) — read the EPSS interpretation.

Affected products

Optimizepress
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (Exploit, x_refsource_MISC)
secalert@redhat.com (Exploit, x_refsource_MISC)
20131215 Re: WordPress OptimizePress Theme - File Upload Vulnerability (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2013-7102?: CVE-2013-7102 is a vulnerability in Optimizepress, classified under Improper Input Validation. Published 2013-12-23.
Is CVE-2013-7102 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.