ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.2.1 - Arbitrary File Upload

Product
WordPress
Description
This vulnerability is in wp-app.php and app.php. It allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors.
Solution
Upgrade to latest version of WordPress.
Classification
Type Arbitrary File Upload
References
CVE Mitre
CVE
Name CVE-2007-3544
Versions
Affected In <= 2.2.1
Fixed In 2.2.2
Disclosure date
2007-07-03