• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WordPress Custom Field Arbitrary File Upload Vulnerability

Bugtraq ID:	24642
Class:	Access Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jun 26 2007 12:00AM
Updated:	Jun 28 2007 03:18AM
Credit:	Alexander Concha is credited with the discovery of this vulnerability.
Vulnerable:	WordPress WordPress MU 1.2.2 WordPress WordPress 2.1.3 WordPress WordPress 2.1.3 WordPress WordPress 2.1.2 WordPress WordPress 2.1.1 WordPress WordPress 2.0.10 WordPress WordPress 2.0.7 WordPress WordPress 2.0.6 WordPress WordPress 2.0.5 WordPress WordPress 2.0.4 WordPress WordPress 2.0.3 WordPress WordPress 2.0.2 WordPress WordPress 2.0.1 WordPress WordPress 2.0 WordPress WordPress 2.2 WordPress WordPress 2.1.3-RC2 WordPress WordPress 2.1.3-RC1 WordPress WordPress 2.1 WordPress WordPress 2.0.10-RC2 WordPress WordPress 2.0.10-RC1
Not Vulnerable:	WordPress WordPress MU 1.2.3 WordPress WordPress 2.2.1