WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability Network Vulnerability

Summary

This host is running WordPress Nmedia Member Conversation Plugin and is prone to file upload vulnerability.

Impact

Successful exploitation will allow attacker to upload arbitrary PHP code and run it in the context of the Web server process. Impact Level: System/Application

Solution

Upgrade to WordPress Nmedia Member Conversation Plugin version 1.4 or later, For updates refer to http://wordpress.org/extend/plugins/wordpress-member-private-conversation/

Insight

The flaw is due to the /wp-content/plugins/wordpress-member-private- conversation/doupload.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.

Affected

WordPress Nmedia Member Conversation Plugin version 1.35.0

References

http://osvdb.org/82792
http://packetstormsecurity.org/files/113287/WordPress-Nmedia-WP-Member-Conversation-1.35.0-Shell-Upload.html
http://secunia.com/advisories/49375
http://wordpress.org/extend/plugins/wordpress-member-private-conversation/changelog/
http://www.opensyscom.fr/Actualites/wordpress-plugins-nmedia-wordpress-member-conversation-shell-upload-vulnerability.html
http://xforce.iss.net/xforce/xfdb/76076

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3577
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AdaptBB Multiple Input Validation Vulnerabilities
ActivePerl perlIS.dll Buffer Overflow
Advanced Guestbook Index.PHP SQL Injection Vulnerability
Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
Acidcat CMS Multiple Vulnerabilities

Take action and discover your vulnerabilities