Description

The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.

Remediation

References

CVE-2011-3129

Related Vulnerabilities

WordPress Plugin Remove Yoast SEO comments Unspecified Vulnerability (1.0.4)

Oracle Database Server CVE-2021-35576 Vulnerability (CVE-2021-35576)

WebLogic CVE-2022-21252 Vulnerability (CVE-2022-21252)

ownCloud Improper Access Control Vulnerability (CVE-2016-9467)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33941)

Severity

Critical

Classification

CVE-2011-3129 CWE-264

Tags

Missing Update Known Vulnerabilities