CVE-2012-3577
Severity: high
CVSS v3: —
CVSS v2: 7.5
VIR risk: 7.5
Description
Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/user_uploads.
Predictions
Exploit likelihood: 20%
Patch ETA: —
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://secunia.com/advisories/49375
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| nmedia | member_conversation | up to and including 1.3 | |
| nmedia | member_conversation | 1.0 | |
| nmedia | member_conversation | 1.2 | |
| wordpress | wordpress | - | |
References
- http://packetstormsecurity.org/files/113287/WordPress-Nmedia-WP-Member-Conversation-1.35.0-Shell-Upload.html
- http://secunia.com/advisories/49375
- http://wordpress.org/extend/plugins/wordpress-member-private-conversation/changelog/
- http://www.opensyscom.fr/Actualites/wordpress-plugins-nmedia-wordpress-member-conversation-shell-upload-vulnerability.html
- http://www.securityfocus.com/bid/53790
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76076
CWEs
CWE-264