CVE-2008-2392
CVE-2008-2392 describes an unrestricted file upload in WordPress versions 2.5.1 and earlier. The issue allows remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard. The underlying cause is an inadequately const...