ThreatPress

WordPress Vulnerabilities Database

Back

JD-WordPress 2.0 RC2 - Remote file inclusion

Product
JD WordPress
Description
The vulnerabilities in JD-WordPress allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) wp-comments-post.php, (2) wp-feed.php, or (3) wp-trackback.php.
Solution
Update WordPress.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In 2.0
Fixed In 2.1
Disclosure date
2009-10-19
Credits
Don Tukulesto