To me it seems like he's trying to say that someone with administrative access has the ability to... have administrative access. It's like saying "Hey guys! I found a local exploit and all it requires is to be a root user!!!"

I'm not sure if he's trolling or just stupid.

On Thu, Jun 21, 2012 at 7:42 AM, Greg Knaddison <[email protected]> wrote:
> On Wed, Jun 20, 2012 at 8:04 PM, Denis Andzakovic <[email protected]> wrote:
>>
>> Exploitation of this vulnerability requires a malicious user with
>> access to the admin panel to use the
>> "/wp-admin/plugin-install.php?tab=upload" page to upload a malicious
>> file.
>
> That tool is meant to allow an admin to upload arbitrary php plugins. You
> can argue that this feature is insecure by design, but there are two
> solutions from the WordPress perspective:
>
> 1) "Don't grant malicious users the permission to install plugins."
> 2) If you don't want this feature on your site at all, this feature can be
> disabled in the config define( 'DISALLOW_FILE_MODS', TRUE);
>
> By the way, two more "vulnerabilities": the theme installer has this same
> issue and the upgrade tool could also be abused if you can poison the DNS of
> the server.
>
> Regards,
> Greg
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
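The hardening option Greg quotes, `define( 'DISALLOW_FILE_MODS', TRUE);`, only helps if it is actually live in wp-config.php rather than absent or commented out. The audit script below is an added example written for this page, not code from the thread or from WordPress: it reads a wp-config.php source string, ignores PHP comments, mirrors WordPress's rule that file modifications are allowed unless the constant is defined and true, and reports a finding when plugin/theme upload remains enabled. The config fragments are constructed samples; `php_bool_define` is generalised to any boolean `define()` so the same scan works for related constants. The capability names `install_plugins` and `install_themes` are WordPress's own.

```python
import re
from typing import Optional

# Constructed sample wp-config.php fragments (not taken from the thread).
HARDENED_CONFIG = """<?php
define( 'DB_NAME', 'wordpress' );
define( 'DISALLOW_FILE_MODS', TRUE );   /* as suggested in the thread */
require_once ABSPATH . 'wp-settings.php';
"""

DEFAULT_CONFIG = """<?php
define( 'DB_NAME', 'wordpress' );
require_once ABSPATH . 'wp-settings.php';
"""

COMMENTED_OUT_CONFIG = """<?php
// define( 'DISALLOW_FILE_MODS', true );
# define('DISALLOW_FILE_MODS', 1);
/* define("DISALLOW_FILE_MODS", true); */
require_once ABSPATH . 'wp-settings.php';
"""


def strip_php_comments(src: str) -> str:
    """Remove /* */, // and # comments so a commented-out define is not
    mistaken for a live one. Simplification: comment markers inside string
    literals are stripped too, which is harmless for a define() scan."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.DOTALL)
    return re.sub(r"(//|#).*$", "", src, flags=re.MULTILINE)


def php_bool_define(src: str, name: str) -> Optional[bool]:
    """Return the value of define('NAME', <bool>) in PHP source, or None if
    the constant is not defined. PHP's true/false are case-insensitive."""
    pattern = re.compile(
        r"define\s*\(\s*['\"]" + re.escape(name)
        + r"['\"]\s*,\s*(true|false|1|0)\s*\)",
        re.IGNORECASE,
    )
    m = pattern.search(strip_php_comments(src))
    if m is None:
        return None
    return m.group(1).lower() in ("true", "1")


def file_mods_allowed(config_src: str) -> bool:
    """WordPress allows plugin/theme upload and updates unless
    DISALLOW_FILE_MODS is defined and true; an absent define means allowed."""
    value = php_bool_define(config_src, "DISALLOW_FILE_MODS")
    return not value   # None (undefined) and False both mean "allowed"


def audit_wp_config(config_src: str) -> list:
    """Hardening findings for the upload paths named in the thread."""
    findings = []
    if file_mods_allowed(config_src):
        findings.append(
            "DISALLOW_FILE_MODS is not set: accounts holding the install_plugins "
            "or install_themes capability can upload arbitrary PHP through "
            "plugin-install.php?tab=upload and the theme installer."
        )
    return findings


if __name__ == "__main__":
    for label, cfg in (("hardened", HARDENED_CONFIG),
                       ("default", DEFAULT_CONFIG),
                       ("commented-out", COMMENTED_OUT_CONFIG)):
        print(label, audit_wp_config(cfg) or ["ok"])
```

Run it against the real file with `audit_wp_config(open("/path/to/wp-config.php").read())`; the commented-out sample is there because a define that has been disabled with `//` or `/* */` is the most common way this control silently stops applying.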
