wordpress -- multiple vulnerabilities
The security issue is caused by the wp_check_filetype()
function in /wp-includes/functions.php improperly validating uploaded
files. This can be exploited to execute arbitrary PHP code by
uploading a malicious PHP script with multiple extensions.
Successful exploitation of this vulnerability requires that Apache
is not configured to handle the MIME type for media files with an
extension such as "gif", "jpg", "png", "tif" or "wmv".
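One way to reject such uploads on the application side, shown as an added example that is not WordPress code and not part of the advisory. The function name safe_upload_name(), the script-extension list and the sample filenames are assumptions. It checks every dot-separated segment of the name, not only the last one, and stores the file with a single extension.

```php
<?php
// Added example: hypothetical upload-name check, not the WordPress implementation.

// Assumption: extensions this server might map to a script handler.
const SCRIPT_EXTENSIONS = ['php', 'php3', 'php4', 'php5', 'phtml', 'phar', 'pl', 'py', 'cgi'];
// Media extensions named in the advisory text.
const ALLOWED_EXTENSIONS = ['gif', 'jpg', 'png', 'tif', 'wmv'];

/**
 * Return a safe filename to store, or null if the upload must be rejected.
 */
function safe_upload_name(string $original): ?string
{
    // Drop any client-supplied path and control characters.
    $name = basename(str_replace('\\', '/', $original));
    $name = preg_replace('/[\x00-\x1f\x7f]/', '', $name);

    $parts = explode('.', $name);
    if (count($parts) < 2 || $parts[0] === '') {
        return null; // no extension, or a dotfile such as ".htaccess"
    }

    // The final extension must be an allowed media type.
    $final = strtolower(array_pop($parts));
    if (!in_array($final, ALLOWED_EXTENSIONS, true)) {
        return null;
    }

    // Check every inner segment too: "name.php.gif" ends in "gif" but carries "php".
    foreach (array_slice($parts, 1) as $segment) {
        if (in_array(strtolower($segment), SCRIPT_EXTENSIONS, true)) {
            return null;
        }
    }

    // Collapse remaining dots so the stored name has exactly one extension.
    $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', implode('_', $parts));
    return $stem . '.' . $final;
}

// Constructed sample inputs.
foreach (['holiday.jpg', 'shell.php.gif', 'report.v2.png', 'x.PhP.wmv', '.htaccess', 'a.php'] as $n) {
    printf("%-16s => %s\n", $n, safe_upload_name($n) ?? 'REJECTED');
}
```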
Input passed via certain parameters to press-this.php is not
properly sanitised before being displayed to the user. This can be
exploited to insert arbitrary HTML and script code, which will be
executed in a user's browser session in the context of an affected
site when the malicious data is viewed.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright