ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution

Product
WordPress
Description
An unrestricted file upload arbitrary PHP code execution vulnerability was found in WordPress 2.8.5 and lower versions.
Solution
Update the WordPress.
Classification
Type Arbitrary File Upload
References
Exploit-DB
CVE
Name CVE-2009-3890
Versions
Affected In <= 2.8.5
Fixed In 2.8.6
Disclosure date
2009-11-11
Credits
Dawid Golunski