Summary
This host is installed with Wordpress MailPoet Plugin and is prone to remote file upload vulnerability.
Impact
Successful exploitation will allow unauthenticated remote attacker to upload files in an affected site.
Impact Level: Application
Solution
Upgrade to version 2.6.7 or later,
For updates refer to http://wordpress.org/plugins/wysija-newsletters
Insight
Flaw is due to the program uses the admin_init hook to determine if a user is an admin.
Affected
WordPress MailPoet Newsletters Plugin version prior to 2.6.7.
Detection
Send a crafted data via HTTP GET request and check whether it is is able to upload file or not.
References
Severity
Classification
-
CVE CVE-2014-4725 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
- Adobe ColdFusion Directory Traversal Vulnerability
- Apache Struts ClassLoader Manipulation Vulnerabilities
- Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability
- Apache Tomcat AJP Protocol Security Bypass Vulnerability