

Ticket #10735: 009CVE2008-6767.patch

File 009CVE2008-6767.patch, 1.2 KB (added by Derevko, 9 years ago)

Only an administrator can run the WordPress upgrade script. (CVE-2008-6767)

  • wp-admin/upgrade.php

    Author: Giuseppe Iuculano <giuseppe@iuculano.it>
    Description: Only admin can upgrade wordpress. (CVE-2008-6767) (Closes: #531736)
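--- a/wp-admin/upgrade.php
+++ b/wp-admin/upgrade.php
@@ -16,6 +16,8 @@ define( 'WP_INSTALLING', true );
 
 /** Load WordPress Bootstrap */
 require( '../wp-load.php' );
+if(!current_user_can('level_10'))
+        wp_safe_redirect('../wp-login.php?upgrade');
 
 timer_start();
 require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );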
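Review bot: The new capability check added right after `require( '../wp-load.php' )` does not stop execution after the redirect, so a visitor who fails the check still falls through to `timer_start()` and the rest of the upgrade script with only a Location header attached — `wp_safe_redirect()` emits the header and returns. The guard needs an explicit exit, e.g. `if ( ! current_user_can('level_10') ) { wp_safe_redirect('../wp-login.php?upgrade'); exit; }`, otherwise the patch does not actually restrict who can run the upgrade. `level_10` is a legacy user-level check; a capability such as `update_core` or `manage_options` would be the conventional test, though whether those capabilities exist in the WordPress version this patch targets cannot be confirmed from the hunk. The upgrade flow this guard is meant to protect continues past the end of the hunk.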
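--- a/wp-login.php
+++ b/wp-login.php
@@ -494,6 +494,7 @@ default:
         elseif  ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] )      $errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
         elseif  ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] )      $errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
         elseif  ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )   $errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
+        elseif  ( isset($_GET['upgrade'])) $errors->add('upgrade', __('Upgrade is needed, please log in with an admin account.'), 'message');
 
         login_header(__('Log In'), '', $errors);
 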