CVE-2012-6649
Published 2020-01-23
CVE-2012-6649: WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload.
Priority: P273
Severity: critical, 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: available
EPSS: 16.26% (96.6th percentile)
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| devfarm | wp_gpx_maps | — | — |
Detection & IOCs (extracted from sources)
URL: http://my-site.com/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php?realGpxPath=.&target_path=.&gpxRegEx=//
- Monitor HTTP requests targeting wp-gpx-maps_admin_tracks.php that carry the parameters realGpxPath, target_path and gpxRegEx; this is the unauthenticated arbitrary file upload endpoint exploited in CVE-2012-6649.
- Alert on POST requests to /wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php, especially those uploading PHP files: the target_path parameter is not constrained, so the upload directory can be chosen by path traversal.
- Use the Google dork inurl:wp-content/plugins/wp-gpx-maps/ to identify exposed WordPress installations running the plugin, then confirm the version before treating them as vulnerable.
- The affected plugin version is 1.1.21; installations running that version are exposed to the unauthenticated arbitrary file upload.
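As an added example (not from the page's sources and not the plugin's own code), here is a small Python rule that applies the two log-based IOCs above to Apache/nginx combined-format access logs: it parses each line, splits the query string, and grades requests to wp-gpx-maps_admin_tracks.php by method, by the presence of realGpxPath/target_path/gpxRegEx, and by traversal sequences in target_path. The log lines are constructed for illustration. Note that access logs do not record the POST body, so the "uploading PHP files" half of the second IOC needs a WAF or request-body logging; this rule only sees the request line.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint and parameters named in the IOCs above.
ENDPOINT = "/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php"
UPLOAD_PARAMS = {"realGpxPath", "target_path", "gpxRegEx"}

# Apache/nginx "combined" format: client, identity, user, [timestamp],
# "METHOD target protocol", status, size, "referer", "user-agent".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not captured from any real server).
SAMPLE_LOG = """\
203.0.113.7 - - [23/Jan/2020:10:15:01 +0000] "POST /wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php?realGpxPath=.&target_path=.&gpxRegEx=// HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.4 - - [23/Jan/2020:10:15:09 +0000] "GET /wp-content/plugins/wp-gpx-maps/js/wp-gpx-maps.js HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Jan/2020:10:16:22 +0000] "POST /blog/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php?target_path=../../../ HTTP/1.1" 200 300 "-" "curl/7.68.0"
192.0.2.9 - - [23/Jan/2020:10:17:00 +0000] "GET /wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format access-log line; return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    parts = urlsplit(entry["target"])
    entry["path"] = parts.path
    # keep_blank_values so that an empty "target_path=" still counts as present
    entry["params"] = parse_qs(parts.query, keep_blank_values=True)
    return entry


def _traversal(entry):
    """True if any target_path value contains a '..' path component."""
    return any(".." in v for v in entry["params"].get("target_path", []))


def classify(entry):
    """Return a severity for requests to the upload endpoint, else None.

    high   : POST carrying any upload parameter, or a traversal in target_path
    medium : the same parameters/traversal on a non-POST request (recon, scanners)
    low    : any other request to the endpoint (worth baselining, not alerting)
    """
    if entry is None or not entry["path"].endswith(ENDPOINT):
        return None
    present = UPLOAD_PARAMS & set(entry["params"])
    if present or _traversal(entry):
        return "high" if entry["method"] == "POST" else "medium"
    return "low"


def scan(log_text):
    """Run the rule over a block of log text; return one finding per matching line."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        severity = classify(entry)
        if severity is None:
            continue
        findings.append({
            "ip": entry["ip"],
            "ts": entry["ts"],
            "method": entry["method"],
            "status": entry["status"],
            "severity": severity,
            "params": sorted(UPLOAD_PARAMS & set(entry["params"])),
            "traversal": _traversal(entry),
        })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['severity']:6} {f['ip']:14} {f['method']:4} {f['status']} "
              f"params={f['params']} traversal={f['traversal']}")
```

The path match uses endswith so that WordPress installed under a sub-path (the third sample line) is still caught; if you pipe real logs through scan(), also review any 200 responses on "high" findings, since a successful upload and a rejected one look alike in the access log.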
CVSS provenance
- NVD, CVSS v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
No detection rules found.
No writeups or analysis indexed.