(mt):WordPress User Photo plugin vulnerability

  • This page was last modified on February 18, 2011, at 15:27.

From (mt) Community Wiki

Overview

An older version of the WordPress plugin “User Photo” has been shown to be exploitable. A review of the exploit is posted here. In brief, the exploit allows a user to upload a file other than a photo and execute code. The plugin should be updated to the most recent version, 0.9.5.1.

Solution

You can download the most recent version from here. Alternatively, you should be able to update the plugin from within the plugins area of your WordPress Dashboard.
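
To confirm that every site on a server is running the updated plugin, the following added example (not part of the original article or the plugin's own code) walks a plugins directory, reads the standard WordPress `Plugin Name` and `Version` header fields, and reports copies of User Photo older than 0.9.5.1. The directory layout, file names and the `0.9.4` version string in `demo()` are constructed sample data.

```python
import os
import re
import tempfile

FIXED = (0, 9, 5, 1)  # most recent version named on this page
# Standard WordPress plugin header fields, e.g. " * Version: 1.2.3"
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.*?)[ \t]*$", re.M | re.I)

def parse_version(text):
    """'0.9.5.1' -> (0, 9, 5, 1); empty tuple if no leading dotted number."""
    m = re.match(r"\d+(?:\.\d+)*", text)
    return tuple(int(p) for p in m.group(0).split(".")) if m else ()

def plugin_header(path):
    """Read header fields from the first 8 KiB of a PHP file (first match wins)."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        head = fh.read(8192)
    fields = {}
    for key, value in HEADER.findall(head):
        fields.setdefault(key.lower(), value)
    return fields

def audit(plugins_dir, name="User Photo"):
    """Return sorted (path, version, needs_update) for each copy of the plugin."""
    findings = []
    for root, _dirs, files in os.walk(plugins_dir):
        for fn in (f for f in files if f.endswith(".php")):
            path = os.path.join(root, fn)
            fields = plugin_header(path)
            if fields.get("plugin name", "").lower() != name.lower():
                continue
            version = fields.get("version", "")
            # A missing or unparsable Version is reported as needing an update.
            findings.append((path, version, parse_version(version) < FIXED))
    return sorted(findings)

def demo():
    """Build a constructed plugins tree (sample data, not real plugin files)."""
    base = tempfile.mkdtemp()
    for site, ver in (("site-a", "0.9.4"), ("site-b", "0.9.5.1")):
        d = os.path.join(base, site, "plugins", "example-dir")
        os.makedirs(d)
        with open(os.path.join(d, "main.php"), "w", encoding="utf-8") as fh:
            fh.write(f"<?php\n/*\nPlugin Name: User Photo\nVersion: {ver}\n*/\n")
    return [(os.path.relpath(p, base).split(os.sep)[0], v, old) for p, v, old in audit(base)]

if __name__ == "__main__":
    for site, version, needs_update in demo():
        print(site, version, "UPDATE" if needs_update else "ok")
```

On a real server, call `audit()` with the path to a site's plugins directory; any entry whose third field is `True` should be updated as described above.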

Notes/Supplemental