#10692 closed defect (bug) (fixed)
Do not allow unfiltered uploads for admins by default
Reported by: | ryan | Owned by: | ryan |
---|---|---|---|
Milestone: | 2.8.5 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Security | Keywords: | upload |
Focuses: | | Cc: | |
Description
When someone compromises an admin account, often one of the first things they do is upload some .php files. This is allowed because admin users have the unfiltered_upload capability. Perhaps this should be disallowed by default, with a wp-config define enabling it again. With this disallowed and all write permissions on files locked down, adding arbitrary code is much harder even when an admin account is compromised.
Attachments (1)
Change History (11)
#6, 15 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
Are you not missing a break in the case statement in the 2.8 patch?
#7, 15 years ago
It happens to work without the break since an imaginary cap is inserted, but the break should be there. Well spotted.
+100
All users should be limited by the whitelist and admins should add filetypes to that with knowledge.
http://wordpress.org/extend/plugins/pjw-mime-config/
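The following is an added example and is neither WordPress core nor the patch attached to this ticket. It models the behaviour the description proposes and that comments 6 and 7 discuss: a capability-mapping switch in which unfiltered_upload is honoured only when a wp-config define opts back in and otherwise maps to a capability no role holds, followed by an upload check that keeps every user, administrators included, inside the MIME whitelist. The define WordPress shipped for this purpose is ALLOW_UNFILTERED_UPLOADS (the ticket text does not name it); the example_ function names, the $allow_unfiltered parameter that stands in for that define, and the whitelist contents are assumptions made for this illustration.

```php
<?php
// Added example, not WordPress core and not this ticket's patch. Models the
// proposed change: unfiltered_upload is granted only when wp-config.php opts
// in, and an upload outside the MIME whitelist is refused even for an admin.
// Names prefixed example_ and the whitelist below are assumptions.

/**
 * Map a requested capability onto the primitive capabilities a user must
 * hold, in the style of a map_meta_cap() switch. Only the case this ticket
 * concerns is modelled. $allow_unfiltered stands in for
 *   defined( 'ALLOW_UNFILTERED_UPLOADS' ) && ALLOW_UNFILTERED_UPLOADS
 * evaluated against wp-config.php, so both outcomes can be shown in one run.
 */
function example_map_meta_cap( string $cap, bool $allow_unfiltered ): array {
    $caps = array();
    switch ( $cap ) {
        case 'unfiltered_upload':
            if ( $allow_unfiltered ) {
                $caps[] = $cap;
            } else {
                // The "imaginary cap" of comment 7: no role is ever granted
                // 'do_not_allow', so requiring it fails for everyone.
                $caps[] = 'do_not_allow';
            }
            break; // The break comment 6 asks about. Without it, control falls
                   // into the next case and appends further required caps.
        default:
            $caps[] = $cap;
    }
    return $caps;
}

/** Constructed extension => MIME whitelist, a small subset of a real one. */
const EXAMPLE_ALLOWED_MIMES = array(
    'jpg|jpeg|jpe' => 'image/jpeg',
    'png'          => 'image/png',
    'gif'          => 'image/gif',
    'pdf'          => 'application/pdf',
);

/** Whitelisted MIME type for a filename, or null if its extension is not listed. */
function example_check_filetype( string $filename, array $mimes ): ?string {
    foreach ( $mimes as $ext_pattern => $mime ) {
        if ( preg_match( '!\.(' . $ext_pattern . ')$!i', $filename ) ) {
            return $mime;
        }
    }
    return null;
}

/**
 * Decide whether a user holding $user_caps may upload $filename.
 * Whitelisted types need only upload_files; anything else needs every
 * capability that unfiltered_upload maps to.
 */
function example_can_upload( string $filename, array $user_caps, bool $allow_unfiltered ): bool {
    if ( example_check_filetype( $filename, EXAMPLE_ALLOWED_MIMES ) !== null ) {
        return in_array( 'upload_files', $user_caps, true );
    }
    foreach ( example_map_meta_cap( 'unfiltered_upload', $allow_unfiltered ) as $required ) {
        if ( ! in_array( $required, $user_caps, true ) ) {
            return false;
        }
    }
    return true;
}

// An administrator role: holds upload_files and unfiltered_upload but, like
// every role, never do_not_allow.
$admin_caps = array( 'manage_options', 'upload_files', 'unfiltered_upload' );

// Proposed secure default: ALLOW_UNFILTERED_UPLOADS not defined in wp-config.php.
var_dump( example_can_upload( 'photo.jpg', $admin_caps, false ) );
var_dump( example_can_upload( 'shell.php', $admin_caps, false ) );

// Site owner opted back in with define( 'ALLOW_UNFILTERED_UPLOADS', true ).
var_dump( example_can_upload( 'shell.php', $admin_caps, true ) );
```

With the define absent, the administrator can still upload the whitelisted photo.jpg but not shell.php, because the request for unfiltered_upload is translated into do_not_allow, a capability that exists only inside the mapping and is never assigned to a role; with the define set, the same .php upload goes through. That is the mechanism comment 7 refers to as an imaginary cap, and it is why a fall-through from a missing break would not have reopened the hole: do_not_allow stays in the required list no matter what the next case appends.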