Launchpad CVE tracker

CVE 2008-2392

Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.

Related bugs and status

CVE-2008-2392 (Candidate) is related to these bugs:

Bug #227547: ubuntu wordpress should suppress the "please update" warning

		In	Importance	Status
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu)	Wishlist	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Debian)	Undecided	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu Intrepid)	Undecided	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu Hardy)	Undecided	Fix Released

Bug #237348: Please merge wordpress 2.5.1-4ubuntu1 (universe) from Debian unstable

Summary				In	Importance	Status
	237348	Please merge wordpress 2.5.1-4ubuntu1 (universe) from Debian unstable		wordpress (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-2392

References