CVE-2008-5695

NONECVSS 0.0

0.0

wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.

🔗 References (14)

cve@mitrehttp://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1
cve@mitrehttp://secunia.com/advisories/28789
cve@mitrehttp://securityreason.com/securityalert/4798
cve@mitrehttp://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html
cve@mitrehttp://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt
cve@mitrehttp://www.securityfocus.com/bid/27633
cve@mitrehttps://www.exploit-db.com/exploits/5066
af854a3a-2127-422b-91ae-364da2661108http://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28789
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4798
af854a3a-2127-422b-91ae-364da2661108http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html
af854a3a-2127-422b-91ae-364da2661108http://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27633
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/5066

Is Your Infrastructure Affected by CVE-2008-5695?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-5695

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-5695?