**CVE-2012-10027: WP-Property WordPress Plugin Unauthenticated File Upload Vulnerability**
- Vendor: WP-Property
- Product: WordPress Plugin
- CVSS: CRITICAL 9.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-05
- Original CVE updated: 2026-05-26
- Advisory published: 2025-08-05
- Advisory updated: 2026-05-26
Who should care
WordPress site administrators, security operations centers (SOCs), web hosting providers, and organizations running legacy WordPress installations with the WP-Property plugin installed.
Technical summary
The WP-Property WordPress plugin (≤1.35.0) contains an unauthenticated arbitrary file upload vulnerability in its bundled third-party `uploadify.php` component. The script fails to implement proper authentication checks or file type validation, allowing remote attackers to upload PHP files to a server-accessible temporary directory. Successful exploitation results in remote code execution with the privileges of the web server process. This vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). The issue has been publicly known since at least 2012 based on exploit publication dates, though formal CVE assignment occurred in 2025.
Defensive priority
CRITICAL
Recommended defensive actions
- Remove or restrict access to the vulnerable `uploadify.php` script in WP-Property plugin installations
- Upgrade WP-Property plugin to a version beyond 1.35.0 if available, or consider alternative plugins
- Implement Web Application Firewall (WAF) rules to block unauthenticated file upload attempts to known vulnerable paths
- Review and restrict file upload directories to prevent PHP execution in upload locations
- Audit WordPress installations for presence of WP-Property plugin version 1.35.0 or earlier
- Monitor for indicators of compromise including unexpected PHP files in temporary upload directories
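The audit steps above can be scripted. The following is an added example, not code from the advisory or the plugin: it walks a web root, reads each WP-Property install's version from its plugin header, and lists any bundled `uploadify.php`. The `wp-property` directory name under `plugins/` and the demo tree (including `vendor-lib` and `wp-property.php`) are assumptions constructed for illustration.

```python
import re
import sys
import tempfile
from pathlib import Path

LAST_AFFECTED = (1, 35, 0)      # page: versions up to and including 1.35.0
PLUGIN_SLUG = "wp-property"     # assumption: plugin directory name under plugins/
SCRIPT_NAME = "uploadify.php"   # bundled component named in the advisory
VERSION_RE = re.compile(r"^[ \t/*#@]*Version:\s*([0-9]+(?:\.[0-9]+)*)", re.I | re.M)

def parse_version(text):
    """Return the plugin-header version as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def is_affected(version):
    """Unknown versions count as affected so they get a manual review."""
    if version is None:
        return True
    padded = version + (0,) * (3 - len(version))
    return padded <= LAST_AFFECTED

def audit(root):
    """Report every wp-property install found below root."""
    findings = []
    for plugin in sorted(Path(root).rglob(PLUGIN_SLUG)):
        if not plugin.is_dir() or plugin.parent.name != "plugins":
            continue
        version = None
        for php in sorted(plugin.glob("*.php")):  # header sits in a top-level file
            head = php.read_text(encoding="utf-8", errors="replace")[:8192]
            version = parse_version(head)
            if version:
                break
        scripts = sorted(p.relative_to(plugin).as_posix() for p in plugin.rglob("*")
                         if p.is_file() and p.name.lower() == SCRIPT_NAME)
        findings.append({"path": str(plugin), "version": version,
                         "affected": is_affected(version), "uploadify": scripts})
    return findings

def build_demo_tree(base):
    """Constructed sample layout, not taken from a real site."""
    plugin = Path(base) / "site" / "wp-content" / "plugins" / PLUGIN_SLUG
    (plugin / "vendor-lib").mkdir(parents=True)
    (plugin / "wp-property.php").write_text("<?php\n/*\nVersion: 1.35.0\n*/\n")
    (plugin / "vendor-lib" / SCRIPT_NAME).write_text("<?php // placeholder\n")
    return base

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else build_demo_tree(tempfile.mkdtemp())
    for finding in audit(root):
        print(finding)
```

Pass a hosting root as the first argument to audit real installs. An install that reports a non-empty `uploadify` list should have that script removed or blocked even if the version reads as newer than 1.35.0.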
Evidence notes
This CVE was published on 2025-08-05 and last modified on 2026-05-26. The vulnerability affects the WP-Property plugin for WordPress up to and including version 1.35.0. The issue resides in a third-party `uploadify.php` script that allows unauthenticated file uploads to a temporary directory, enabling remote code execution through arbitrary PHP file uploads. The CVSS 4.0 vector indicates a network attack vector with low attack complexity, no privileges required, and high impact on confidentiality, integrity, and availability. Multiple exploit references exist in Exploit-DB and Metasploit Framework. The vendor attribution is marked as low confidence and requires review, with only archive domain evidence available.
Official resources
2025-08-05