Description
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
Remediation
References
Related Vulnerabilities
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
WordPress Plugin WordPress Form Customizer-CF7 Customizer Cross-Site Scripting (1.6.1)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-15715)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-8394)
WordPress Plugin W4 Post List Multiple Vulnerabilities (2.4.5)