{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T19:46:38.720","vulnerabilities":[{"cve":{"id":"CVE-2013-5963","sourceIdentifier":"cve@mitre.org","published":"2013-09-30T22:55:03.323","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin before 1.8.8.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/wpdb/."},{"lang":"es","value":"Vulnerabilidad de subida de ficheros sin restricciones en multi.php en el plugin Simple Dropbox Upload anteriores a 1.8.8.1 para WordPress permite a atacantes remotos ejecutar código arbitrario subiendo un fichero con una extensión ejecutable y después accediendo a él a través de una petición directa al fichero wp-content/uploads/wpdb/."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.8","matchCriteriaId":"8028D1CD-28E6-4ACC-8374-77524BCB0EAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"AF0C3A8A-8CD4-4DD4-9661-B39A172A9429"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C365D48A-228C-4427-A302-B06BF3AC3099"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"30CD0A8F-685E-43E2-9179-14121FC30530"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"F93E223E-D08A-45CD-8CA6-76F05FCCCFB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.1.2:*:*:*:*:*:*:*","matchCriteriaId":"CA9318C7-BA6B-47BE-8E29-1190E47D736B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"CB6C8FF9-20D5-454B-B60A-F7DD832636E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"27E46F76-693D-48D1-893D-9ADDFFEFC5C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.3.1:*:*:*:*:*:*:*","matchCriteriaId":"F84BEE7F-EF40-49F0-A7B2-2EFECAB465CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"90862933-1BCE-4D7E-A2A1-1B9650CF38F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"887E4059-AF6E-4FE9-883A-58DCAABFEDBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.5.1:*:*:*:*:*:*:*","matchCriteriaId":"0D20FDE7-C018-4A4B-98A3-B24306188C45"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.5.2:*:*:*:*:*:*:*","matchCriteriaId":"89744849-0CEE-413B-A689-46223C933AAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.5.3:*:*:*:*:*:*:*","matchCriteriaId":"EFDDBA20-8B43-4745-87BC-6CDFB2427678"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.6.0:*:*:*:*:*:*:*","matchCriteriaId":"6A62A327-B100-406D-ACD9-34221663F0B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.7.0:*:*:*:*:*:*:*","matchCriteriaId":"F4C471C6-D188-476B-81BF-9A937D01FE85"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.0:*:*:*:*:*:*:*","matchCriteriaId":"FEF995B1-F090-4094-8781-819305F1E14E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.1:*:*:*:*:*:*:*","matchCriteriaId":"66A4B7A4-55DD-4EDA-81CA-290610CC302C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.2:*:*:*:*:*:*:*","matchCriteriaId":"FB76F36E-C2F2-4EA3-B8AD-C8E5220747D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.3:*:*:*:*:*:*:*","matchCriteriaId":"9603F166-D370-48CD-9FA9-707BBBF39A19"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.4:*:*:*:*:*:*:*","matchCriteriaId":"785AACB4-1434-4BF8-A060-F856C4445BC6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.5:*:*:*:*:*:*:*","matchCriteriaId":"FF6884FD-1867-4345-B455-E32E4F818DB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.6:*:*:*:*:*:*:*","matchCriteriaId":"A14DD3DE-5F37-4FB9-AFE6-2E0BAB62D6DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cdsincdesign:simple_dropbox_upload_form:1.8.7:*:*:*:*:*:*:*","matchCriteriaId":"A0FD87C0-3A3D-4589-A5CD-63CC4D736867"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*","matchCriteriaId":"A77EB0E7-7FA7-4232-97DF-7C7587D163F1"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/123235","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://plugins.trac.wordpress.org/changeset?reponame=&old=774214%40simple-dropbox-upload-form%2Ftrunk&new=774214%40simple-dropbox-upload-form%2Ftrunk","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/54856","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/plugins/simple-dropbox-upload-form/changelog","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/87166","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/123235","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://plugins.trac.wordpress.org/changeset?reponame=&old=774214%40simple-dropbox-upload-form%2Ftrunk&new=774214%40simple-dropbox-upload-form%2Ftrunk","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/54856","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/plugins/simple-dropbox-upload-form/changelog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/87166","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/434.html\n\n'CWE-434: Unrestricted Upload of File with Dangerous Type'\n\n"}}]}