WordPress.wpDiscuz.Plugin.Arbitrary.File.Upload
Description
This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in Wordpress Plugin wpDiscuz.
The vulnerability is due to insufficient input validation while uploading files. A remote, unauthenticated attacker can exploit this vulnerability by uploading a crafted file to the target server. Results in the writing of an arbitrary file to the target server, potentially leading to the execution of arbitrary code.
Affected Products
Wordpress Plugin wpDiscuz version 7.0.4
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://plugins.trac.wordpress.org/changeset/2345429/wpdiscuz
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |