Metric | Value |
---|---|
AI Score | 7.2 High |
AI Score Confidence | Low |
CVSS2 | 8.5 High |
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | SINGLE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
CVSS2 Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
EPSS | 0.037 Low |
EPSS Percentile | 91.8% |

wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script’s pathname to active_plugins.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress:wordpress | wordpress | le | 2.3.2 |
wordpress:wordpress_mu | wordpress wordpress mu | lt | 1.3.2 |
mu.wordpress.org/forums/topic.php?id=7534&page&replies=1
secunia.com/advisories/28789
securityreason.com/securityalert/4798
www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html
www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt
www.securityfocus.com/bid/27633
www.exploit-db.com/exploits/5066