Unrestricted File Upload in Kish Guest Posting for WordPress
CVE-2012-5318
Currently unrated
What is CVE-2012-5318?
The Kish Guest Posting plugin for WordPress contains an unrestricted file upload vulnerability in the uploadify/scripts/uploadify.php file. This flaw allows attackers to upload malicious files with double extensions, enabling arbitrary code execution. The issue arises from an incomplete fix related to a previous vulnerability, exposing users to potential security breaches if exploited. Affected users should promptly update their plugin to mitigate this risk.