Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
BID:52964
Info
Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
| Bugtraq ID: | 52964 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 10 2012 12:00AM |
| Updated: | Apr 10 2012 12:00AM |
| Credit: | The vendor |
| Vulnerable: |
Nmedia Users File Uploader Plugin 1.7 |
| Not Vulnerable: |
Nmedia Users File Uploader Plugin 1.8 |
Discussion
Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
Nmedia Users File Uploader plugin for WordPress is prone to the following security vulnerabilities:
1. An arbitrary file-upload vulnerability
2. An unspecified vulnerability
An attacker can exploit the arbitrary file-upload vulnerability to upload arbitrary code and run it in the context of the affected application. The impact of the unspecified vulnerability is currently unknown, we will update the BID when more information emerges.
Versions prior to Nmedia Users File Uploader plugin 1.8 are vulnerable.
Nmedia Users File Uploader plugin for WordPress is prone to the following security vulnerabilities:
1. An arbitrary file-upload vulnerability
2. An unspecified vulnerability
An attacker can exploit the arbitrary file-upload vulnerability to upload arbitrary code and run it in the context of the affected application. The impact of the unspecified vulnerability is currently unknown, we will update the BID when more information emerges.
Versions prior to Nmedia Users File Uploader plugin 1.8 are vulnerable.
Exploit / POC
Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
Attackers can use a browser to exploit the arbitrary file-upload vulnerability.
Attackers can use a browser to exploit the arbitrary file-upload vulnerability.
Solution / Fix
Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the reference for more details.
Solution:
Updates are available. Please see the reference for more details.
References
Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
References:
References:
- Users File Uploader Plugin Homepage (Nmedia)