Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-07-03T20:00:00
Updated: 2012-10-31T09:00:00
Reserved: 2007-07-03T00:00:00
Link: CVE-2007-3544
JSON object: View
NVD Information
Status : Modified
Published: 2007-07-03T20:30:00.000
Modified: 2013-09-08T05:21:56.707
Link: CVE-2007-3544
JSON object: View
Redhat Information
No data.
CWE