Affected System: WordPress ReFlex Gallery 1.4 Description: Sammy FORGIT is an integrated library album plug-in. WordPress Sammy Forgit has a security vulnerability. wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php. php allows you to upload files with any extension to a folder in webroot. By submitting malicious PHP scripts, any PHP code can be exe
Release date:Updated on:
Affected Systems:WordPress ReFlex Gallery 1.4Description:--------------------------------------------------------------------------------Bugtraq id: 57100Sammy FORGIT is an integrated library album plug-in.
WordPress Sammy Forgit has a security vulnerability. wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php. php allows you to upload files with any extension to a fold
BrieflyInside the company to build internal video learning site, after a comparison of selected WordPress site construction. However, in the upload video encountered a variety of problems, the process is recorded.Cause troubleshooting1. Upload a more than 10 MB MP4 file upload progress to 100%, the media will prompt HT
These days with WordPress set up a picture station, fill in the contents of a problem when I upload pictures in the Media Library some pictures can be normal display, but the individual picture is not showing the thumbnail, this problem really let me tangled up in the afternoon. No way to find the cause of the research code, silently wear glasses hard work!
Why the picture doesn't appear
As the saying goe
How to get WordPress support to upload more file typesThis can be written in functions.php:
123456789
add_filter(‘upload_mimes‘,‘wpdit_filter_mime_types‘);functionwpdit_filter_mime_types($mimes){$mimes[‘ttf‘]=‘font/ttf‘;$mimes[‘woff‘]=‘font/woff‘;$mimes[‘svg‘]=‘font/svg‘;$mimes[‘eot‘]=‘font/eot‘;return$mimes;}
How to get WordPress support
layer, enter the watermark text, the following figure:
If we do not want to watermark too much distracting, you can see the right layer bar, adjust the watermark layer opacity to 80%, as shown:
Opacity
In this way, we will make a good image watermark. You can manually move this layer above the layer you want to watermark, and then save it.
In addition, the use of WordPress friend if you want to automatically watermark, rec
WordPress Chinese image upload automatic renameBecause of the few people in the country to upload pictures before the name of the image renamed to English, so automatic renaming is particularly important for WP, especially Linux does not support Chinese names.WordPress Upload the multimedia code are stored in \wp-admin
Release date:Updated on: 2013-09-23
Affected Systems:WordPress Lazy SEO 1.1.9Description:--------------------------------------------------------------------------------The Wordpress Lazy SEO plug-in can automatically optimize the website and optimize the search engine with specific keywords and location sets.
The Lazy SEO plug-in lazyseo. php has a security vulnerability that allows remote attackers to upload
WordPress Arbitrary File Upload Vulnerability
MustLive has discovered a vulnerability in WordPress, which can be exploited by malicious users to compromise a vulnerable system.
The application improperly validates uploaded files, which can be exploited to execute arbitrary PHP code by uploading a. phtml file with e.g. an appended ". gif" file extension.
Succes
Using a text editor, open the functions.php in the current theme directory and add the following codeCurrent_user_can (' contributor ') ! Current_user_can (' upload_files ')) Add_action (' allow_contributor_uploads ');Allow_contributor_uploads () {Get_role (' contributor ');$contributor-Add_cap (' upload_files ');}Once the above code has been executed once, the contributor's permission settings will be stored in the database, and even if you remove the above code, the contributor will still ha
WordPress WP-Property PHP file Upload Vulnerability ### This file is part of the Metasploit Framework and may be subject to # redistribution and other cial restrictions. please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ # Require 'msf/core' require 'msf/core/exploit/php_exe 'class Metasploit3
1, directly disable the file type detection, in the wp-config.php file, add such a sentence code define (' Allow_unfiltered_uploads ', true);2, inside the functions.php, add the following code (the most important is the yellow background that 2 sentences)://Add a role that allows regional edits to be addedAdd_role ('Dq_edit','Area Editor', Array ('Level_3'=true, 'Read'=true, 'edit_posts'=true, 'edit_published_posts'=true, 'edit_others_posts'=true, 'publish_post
milliseconds.Take wordpress 3.2.1 as an example. Open the "wp-admin/website des/file. php" www.111cn.net file and find the 327th line of code: The code is as follows: Copy code // Move the file to the uploads dir$ New_file = $ uploads ['path']. "/$ filename ";If (false ===@ move_uploaded_file ($ file ['tmp _ name'], $ new_file ))Return $ upload_error_hand
For example, this WordPress backstage upload picture question:There are no HTTP transports available which can complete the requested request.Some people say is missing the Php5-curl module's sake, my server system runs is OpenSUSE 13.1 64 bits, examines the Php5-curl the situation:
The code is as follows
Copy Code
Zypper Info Php5-curl
The Output results are as follo
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.