ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.5.1 - Unrestricted file upload

Product
WordPress
Description
Because of this vulnerability, the authenticated administrators can upload and execute arbitrary PHP files via the Upload section.
Solution
Update WordPress.
Classification
Type Arbitrary File Upload
References
CVE Mitre
CVE
Name CVE-2008-2392
Versions
Affected In <= 2.5.1
Fixed In 2.5.2
Disclosure date
2008-05-21
Credits
CWH Underground