- This vulnerability is in wp-app.php and app.php. It allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors.
- Upgrade to latest version of WordPress.
Type Arbitrary File Upload
- Name CVE-2007-3544
Fixed In 2.2.2
- Disclosure date