WordPress modules holed by Uploadify
"Uploadify", a jQuery plugin used by many WordPress themes and plugins, is opening up systems that use it to unrestricted uploading of files and, in turn, allows execution of arbitrary code on the server. A Metasploit module already exists for one plugin, FoxyPress, that uses Uploadify.
Uploadify is a jQuery plugin for bundling together multiple files for uploading to a server, while FoxyPress is an eCommerce module that allows the WordPress blogging platform to be used for sales and marketing. FoxyPress versions 0.4.2.1 and earlier are vulnerable to the Metasploit module and other forms of attack. Users should update to FoxyPress 0.4.2.3.
The Uploadify problem is not restricted to FoxyPress though: IT Pixie has produced a list of plugins and themes that have been rendered vulnerable. Security researcher Darren Martyn noted in a blog post that numerous exploits being published on PacketStorm and Exploit-DB were related to WordPress plugins and were in turn enabled by the use of Uploadify.
Webmasters should check their servers to see if they are using a vulnerable version of Uploadify and whether there is an update to the plugin that uses it. The PHP module is usually found in a path such as "uploadify/uploadify.php", "uploader/uploadify.php" or "uploadify/upload.php".
(djwm)