[wp-hackers] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution

Matt Martz matt at sivel.net
Wed Nov 11 20:34:11 UTC 2009

> Couldn't you just block anything with *.php.* from being uploaded thru
> wordpress?

Ryan has opened a ticket for this and has already attached a patch.


Just thought you guys would be interested.

Matt Martz
matt at sivel.net

More information about the wp-hackers mailing list