WordPress is a set of blogging platforms developed by the WordPress (Wordpress) Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress WP Upload Restriction plugin 2.2.3 and earlier versions contain an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit this vulnerability to allow a low-level authenticated user to view custom extensions added by the administrator.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wordpress wp upload restriction | le | 2.2.3 |