WordPress: CSRF to add admin [wordpress]

2016-07-06T17:08:31
ID H1:149589
Type hackerone
Reporter abdullah
Modified 2017-06-30T17:49:16

Description

This researcher discovered that WordPress was vulnerable to CSRF attacks when Flash files are uploaded to the application with extensions matching trusted file types, since the Flash plugin will load/run the file in certain cases, regardless of the extension and Content-Type header of that file.

To resolve this issue, WordPress implemented more strict file-type checks on uploaded files to limit the ability for flash files to be uploaded.