PHP Remote File Inclusion Vulnerability in Relocate Upload Plugin by WordPress
CVE-2012-1205

Currently unrated

Key Information:

Vendor

Wordpress
Status
Relocate-upload
Vendor
CVE Published:
24 February 2012

What is CVE-2012-1205?

The Relocate Upload plugin for WordPress contains a PHP remote file inclusion vulnerability in the relocate-upload.php file. This flaw allows remote attackers to inject and execute arbitrary PHP code by manipulating the abspath parameter, which can lead to unauthorized access and control over the affected WordPress site. It is crucial for users of the plugin to update to the latest version to mitigate this security risk and protect their systems from potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/47976
third-party-advisoryx_refsource_SECUNIA
http://wordpress.org/extend/plugins/relocate-upload/chang...
x_refsource_CONFIRM
http://osvdb.org/79250
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.