• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WordPress Custom Field Arbitrary File Upload Vulnerability

WordPress is prone to an arbitrary-file-upload vulnerability.

An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.

This issue affects WordPress 2.2.1, WordPress MU 1.2.3, and prior versions.