Unrated severityNVD Advisory· Published May 21, 2008· Updated Jun 16, 2026
CVE-2008-2392
CVE-2008-2392
Description
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*range: <=2.5.1
- (no CPE)range: <=2.5.1
Patches
Vulnerability mechanics
References
4- securityreason.com/securityalert/3897nvdThird Party Advisory
- www.securityfocus.com/archive/1/492230/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/29276nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/42561nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.