Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress 文件上传漏洞
Vulnerability Description
WordPress 2.2.1和WordPress MU 1.2.3的(1)wp-app.php和(2)app.php中存在未限制文件上传漏洞。远程认证用户可能通过与wp_postmeta表格和常规布置中自定义范围使用相关的未明向量上载并执行任意的PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A