WordPress Guest Posting Plugin CVE-2012-5318 'uploadify.php' Arbitrary File Upload Vulnerability

WordPress Guest Posting Plugin CVE-2012-5318 'uploadify.php' Arbitrary File Upload Vulnerability

The Guest Posting plugin is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

Note: This issue exists due to an incomplete fix for CVE-2012-1125 (BID 51638 - WordPress Guest Posting Plugin 'uploadify.php' Arbitrary File Upload Vulnerability).

Guest Posting 1.0 is vulnerable; other versions may also be affected.