Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WordPress < 2.1.2 RCE

Medium

Synopsis

The remote web server contains a PHP application that is affected by a remote command execution vulnerability.

Description

The version of WordPress installed on the remote host may include a backdoor that allows an unauthenticated remote attacker to execute arbitrary code on the remote host, subject to the permissions of the web server user ID.

Solution

Upgrade to WordPress 2.1.2, or later.