Unrestricted File Upload Vulnerabilities in the WP Symposium Plugin for WordPress
CVE-2011-5051
Currently unrated
Summary
The WP Symposium plugin for WordPress before version 11.12.24 contains multiple unrestricted file upload vulnerabilities. Remote attackers can upload a file with an executable extension through uploadify/upload_admin_avatar.php or uploadify/upload_profile_avatar.php, then request the uploaded file directly from an unspecified directory under the webroot, which can lead to arbitrary code execution. This is a significant risk for WordPress sites that run the WP Symposium plugin.
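For triage on a site that ran an affected version, the sketch below hunts web access logs for the pattern the summary describes: a POST to one of the two upload endpoints, followed by the same client successfully requesting a script it had not requested before. It is an added example, not code from the plugin or the advisory; the combined log format, the extension list, and the PLUGIN_DIR and UPLOAD_DIR placeholders in the constructed sample are assumptions.

```python
import re

# Endpoints named in the CVE-2011-5051 summary, matched as path suffixes
# because the page does not give the plugin's install path.
ENDPOINTS = ("uploadify/upload_admin_avatar.php",
             "uploadify/upload_profile_avatar.php")
# Assumption: extensions a typical PHP host treats as executable.
EXEC_EXT = re.compile(r"\.(php\d?|phtml|phar)$", re.I)
# Assumption: logs are in common/combined access-log format.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def hunt(lines):
    """Flag uploads to the vulnerable endpoints, and later successful
    requests by the same client for a script it had not requested before."""
    findings, uploaded, seen = [], set(), {}
    for raw in lines:
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore the query string
        if path.endswith(ENDPOINTS):
            if method == "POST":
                uploaded.add(ip)
                findings.append(("upload", ip, ts, path, int(status)))
            continue
        if EXEC_EXT.search(path):
            known = seen.setdefault(ip, set())
            if ip in uploaded and path not in known and status.startswith("2"):
                findings.append(("post-upload-script", ip, ts, path, int(status)))
            known.add(path)
    return findings

# Constructed sample log lines (documentation IP ranges, placeholder paths).
SAMPLE = [
    '203.0.113.7 - - [10/Jan/2012:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Jan/2012:10:00:05 +0000] "POST /PLUGIN_DIR/uploadify/upload_profile_avatar.php HTTP/1.1" 200 20',
    '203.0.113.7 - - [10/Jan/2012:10:00:09 +0000] "GET /UPLOAD_DIR/photo.php?x=1 HTTP/1.1" 200 64',
    '203.0.113.7 - - [10/Jan/2012:10:00:12 +0000] "GET /index.php HTTP/1.1" 200 512',
    '198.51.100.4 - - [10/Jan/2012:10:01:00 +0000] "GET /UPLOAD_DIR/photo.php HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in hunt(SAMPLE):
        print(finding)
```

Any "upload" finding on a site that does not expose avatar uploads to anonymous users deserves a look at the files written around that timestamp; the second finding type is a heuristic and will need tuning against normal traffic.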