CVE-2007-3543 — Unrestricted File Upload in Wordpress

10 documents6 sources

Severity

6.5MEDIUMNVD

NVD6.0OSV6.0

EPSS

1.7%

top 17.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress Wordpress MU

Timeline

PublishedJul 3

Latest updateMay 1

Description

Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages4 packages

▶debiandebian/wordpress< wordpress 2.2.1-1 (bookworm)+1

▶Debianwordpress/wordpress< 2.2.2-1+7

▶NVDwordpress/wordpress2.2.0

▶NVDwordpress/wordpress_mu1.2.2

🔴Vulnerability Details

GHSA

GHSA-mv47-qh9x-3pwh: Unrestricted file upload vulnerability in WordPress before 2↗2022-05-01

▶

GHSA

GHSA-2hhx-g28r-fqwv: Unrestricted file upload vulnerability in (1) wp-app↗2022-05-01

▶

OSV

CVE-2007-3544: Unrestricted file upload vulnerability in (1) wp-app↗2007-07-03

▶

OSV

CVE-2007-3543: Unrestricted file upload vulnerability in WordPress before 2↗2007-07-03

▶

💥Exploits & PoCs

Exploit-DB

SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service↗2007-05-08

▶

📋Vendor Advisories

Debian

CVE-2007-3543: wordpress - Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress M...↗2007

▶

Debian

CVE-2007-3544: wordpress - Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in Word...↗2007

▶

💬Community

Bugzilla

Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities↗2007-06-21

▶