Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 6 Mar 2012 09:31:22 +0200
From: Henri Salo <>
Subject: CVE-request: Kish Guest Posting Plugin for WordPress File Upload
 Remote PHP Code Execution

Can we assign CVE-identifier for this security vulnerability, thanks.

Plugin is disabled in WordPress (doesn't show up in, but SVN can be found from here:

File says:

= 1.2 =
security update for Uploadify Script

But I haven't tested (yet) if that is valid fix for the vulnerability.

- Henri Salo

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ