WordPress WP-Syntax Plugin <= 0.9.1 - Remote Command Execution

wp-syntax

Software
WP Syntax
Versions
<= 0.9.1
Disclosure date
2009-08-27
CVE
CVE-2009-2852
References
Credits
Classification
Arbitrary Code Execution
OWASP Top 10


Details

WP-Syntax is the most popular WordPress plugin for clean syntax highlighting of source code embedded in pages or posts. It relies on the GeShi library, which implements the highlighting and renders each language as HTML. The vulnerability is that one of the plugin's scripts can be run outside the WordPress context. In that script, call_user_func_array() is reached in a way that executes arbitrary code, and several valid sequences of function calls allow any code to be executed.
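An added illustration of the two mitigations for this bug class (not the plugin's own code; the dispatch function and the callback names are assumptions): a plugin file refuses to run when loaded outside WordPress, and the callable handed to call_user_func_array() comes from a fixed allowlist rather than from request data.

```php
<?php
// Added example, not WP-Syntax code. Function and callback names are
// hypothetical; the two checks are the generic fix for this bug class.

// 1. Refuse to run when the file is requested directly.
//    Files included by WordPress see ABSPATH defined; a direct HTTP
//    request to the file does not, so the script stops here.
if ( ! defined( 'ABSPATH' ) ) {
    http_response_code( 403 );
    exit;
}

// 2. Never let request data choose the callable. Map a small set of
//    keys to a fixed allowlist of highlighter functions (hypothetical).
$allowed_callbacks = array(
    'php'  => 'example_highlight_php',
    'html' => 'example_highlight_html',
);

/**
 * Dispatch to an allowlisted highlighter only.
 * Returns false for unknown keys or non-callable targets.
 */
function example_dispatch( string $lang, array $args, array $allowed ) {
    if ( ! isset( $allowed[ $lang ] ) ) {
        return false;                       // unknown key: do nothing
    }
    $callback = $allowed[ $lang ];
    if ( ! is_callable( $callback ) ) {
        return false;                       // allowlist entry not loaded
    }
    // The callable is a constant from our own table; $args is data only.
    return call_user_func_array( $callback, $args );
}

// For contrast, the pattern this bug class depends on: passing a
// request-controlled value as the callable, so any PHP function name
// reaches call_user_func_array(). Kept as a comment, never do this:
//   call_user_func_array( $_REQUEST['callback'], $args );
```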

Solution

Update the plugin.
