CVE-2007-3543

Severity

60%

Complexity

68%

Confidentiality

106%

Successful exploitation requires valid Editor credentials and that the system is configured to allow uploads.

Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php.

Successful exploitation requires valid Editor credentials and that the system is configured to allow uploads.

CVSS 2.0 Base Score 6. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P).

Overview

First reported 17 years ago

2007-07-03 20:30:00

Last updated 16 years ago

2008-11-15 06:53:00

Affected Software

WordPress

References

37295

25794

Vendor Advisory

http://trac.mu.wordpress.org/changeset/1005

http://www.buayacorp.com/files/wordpress/wordpress-advisory.html

24642

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.