The WordPress plugin wp-file-upload does not adequately check the filetype before allowing it to be uploaded. It also uploaded files with execute permissions, allowing malicious payloads to be uploaded.
1. Install wp-file-upload on a WordPress site and activate it. 2. Create an upload form on a page. 3. Create a file named payload.php…jpg with the contents
CPE | Name | Operator | Version |
---|---|---|---|
wp-file-upload | lt | 3.4.1 |