ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 1.3.1 - Remote Code Execution

Product
WordPress
Description
Because of this vulnerability, the authenticated users with manage_options and upload_files capabilities can execute arbitrary code by uploading a PHP script.
Solution
Update WordPress.
Classification
Type Arbitrary Code Execution
References
CVE Mitre
CVE
Name CVE-2008-5695
Versions
Affected In <= 1.3.1
Fixed In 1.3.2
Disclosure date
2008-12-19
Credits
Alexander Concha