CVE-2009-3890

Name of the Vulnerable Software and Affected Versions WordPress versions prior to 2.8.6

Description The issue allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename and then accessing this attachment via a direct request to a wp-content/uploads/ pathname. This can be achieved by exploiting the unrestricted file upload vulnerability in the wp check filetype function. For example, an attacker could use a .php.jpg filename to execute arbitrary code.

Recommendations For versions prior to 2.8.6, update to version 2.8.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the wp-content/uploads/ directory to minimize the risk of exploitation. Avoid using the wp check filetype function until the issue is resolved.