|Category:||Web application abuses|
|Title:||WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability|
|Summary:||This host is running WordPress Nmedia Users File Uploader Plugin; and is prone to file upload vulnerability.|
This host is running WordPress Nmedia Users File Uploader Plugin
and is prone to file upload vulnerability.
The flaw is due to the /wp-content/plugins/nmedia-user-file-uploader/
doupload.php script allowing the upload of files with arbitrary extensions
to a folder inside the webroot. This can be exploited to execute arbitrary
PHP code by uploading a malicious PHP script.
Successful exploitation will allow attacker to upload arbitrary PHP code
and run it in the context of the Web server process.
WordPress Nmedia Users File Uploader Plugin version 1.8
Update to WordPress Nmedia Users File Uploader Plugin version 2.0 or later.
BugTraq ID: 53786|
|Copyright||This script is Copyright (C) 2012 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.