8.5

CVE-2008-5695

Exploit

WordPress Core < 2.3.3 & WordPress MU < 1.3.2 - Remote Code Execution

wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.
Mögliche Gegenmaßnahme
WordPress: Update to version 2.3.3, or a newer patched version
WordPress MU: Update to version 1.3.2, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WordpressWordpress Version <= 2.3.2
WordpressWordpress Mu Version < 1.3.2
Weitere Schwachstelleninformationen
SystemWordPress Core
Produkt WordPress
Version *-2.3.2
SystemWordPress Core
Produkt WordPress MU
Version *-1.3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.01% 0.956
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.5 6.8 10
AV:N/AC:M/Au:S/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1
Vendor Advisory
Release Notes
http://secunia.com/advisories/28789
Third Party Advisory
http://securityreason.com/securityalert/4798
Third Party Advisory
http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html
Third Party Advisory
Exploit
http://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt
Third Party Advisory
Exploit
http://www.securityfocus.com/bid/27633
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/5066
Third Party Advisory
Exploit
VDB Entry
https://www.wordfence.com/threat-intel/vulnerabilities/id/8afcb18c-71e6-4c77-b0f9-0700ee05966e
Third Party Advisory