CVE-2018-14028 -- wordpress
ID: oval:org.secpod.oval:def:2000913 | Date: (C)2019-04-22 (M)2021-09-11 | Class: VULNERABILITY | Family: unix
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because the machine's wp-content/plugins directory permissions were set up to block all new plugins.
Platform:
Debian 8.x
Debian 9.x