FreeBSD : wordpress -- multiple vulnerabilities (0640198a-d117-11de-b667-0030843d3802)
Medium Nessus Plugin ID 42808
Synopsis
The remote FreeBSD host is missing one or more security-related updates.
Description
Secunia reports:
The security issue is caused by the wp_check_filetype() function in /wp-includes/functions.php improperly validating uploaded files.
This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions.
Successful exploitation of this vulnerability requires that Apache is not configured to handle the MIME type for media files with e.g. a 'gif', 'jpg', 'png', 'tif' or 'wmv' extension.
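To make the first issue concrete, the following is an added PHP example, not code from this page, from WordPress or from Secunia. It contrasts a file-type check that only inspects the trailing extension, so a name such as shell.php.gif is classified as image/gif, with a sanitiser that appends an underscore to every intermediate extension that is not itself a whitelisted media extension, so the server's script handler no longer matches. The MIME whitelist, the sample filenames and the function names are constructed for the illustration.

```php
<?php
// Added example (not WordPress code). The whitelist is a constructed
// subset of typical media types; a real site would use its full list.
$allowedMimes = [
    'jpg|jpeg|jpe' => 'image/jpeg',
    'gif'          => 'image/gif',
    'png'          => 'image/png',
    'tif|tiff'     => 'image/tiff',
    'wmv'          => 'video/x-ms-wmv',
];

// Weak pattern: only the LAST extension is matched against the whitelist.
// "shell.php.gif" is therefore accepted as image/gif, although an Apache
// that maps .php to a handler (and does not map the final extension to a
// type) can still execute it as PHP.
function check_filetype_trailing_only(string $filename, array $mimes): array
{
    foreach ($mimes as $extPreg => $mime) {
        if (preg_match('!\.(' . $extPreg . ')$!i', $filename, $m)) {
            return ['ext' => $m[1], 'type' => $mime];
        }
    }
    return ['ext' => false, 'type' => false];
}

// Does a single extension token match one of the whitelist patterns?
function extension_allowed(string $ext, array $mimes): bool
{
    foreach (array_keys($mimes) as $extPreg) {
        if (preg_match('!^(' . $extPreg . ')$!i', $ext)) {
            return true;
        }
    }
    return false;
}

// Hardened pattern: keep the final extension, but munge every intermediate
// extension that looks like one (2-5 letters, optional digit) and is not
// whitelisted. "shell.php.gif" becomes "shell.php_.gif", which no PHP
// handler is configured for.
function sanitize_multi_extension(string $filename, array $mimes): string
{
    $parts = explode('.', $filename);
    if (count($parts) <= 2) {
        return $filename;               // base name plus at most one extension
    }
    $base = array_shift($parts);
    $last = array_pop($parts);
    foreach ($parts as $part) {
        $base .= '.' . $part;
        if (preg_match('/^[a-zA-Z]{2,5}\d?$/', $part) && !extension_allowed($part, $mimes)) {
            $base .= '_';
        }
    }
    return $base . '.' . $last;
}

// Constructed sample upload names.
$samples = ['avatar.png', 'shell.php.gif', 'photo.2009.jpg', 'clip.phtml.wmv'];
foreach ($samples as $name) {
    $naive = check_filetype_trailing_only($name, $allowedMimes);
    $safe  = sanitize_multi_extension($name, $allowedMimes);
    printf("%-16s trailing-only: %-14s sanitised: %s\n",
        $name, $naive['type'] ?: 'rejected', $safe);
}
```

Run with `php example.php`: the trailing-only check reports image/gif for shell.php.gif and video/x-ms-wmv for clip.phtml.wmv, while the sanitiser rewrites them to shell.php_.gif and clip.phtml_.wmv and leaves avatar.png and photo.2009.jpg unchanged (the numeric middle segment is not treated as an extension). Filename munging is a defence in depth only; the advisory's own precondition shows the decisive control is server-side: the upload directory should carry no script handler at all, and PHP handlers should be bound with a pattern anchored to the end of the filename rather than to any .php segment.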
Input passed via certain parameters to press-this.php is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
Solution
Update the affected packages.