Description
WordPress Plugin is_human() is prone to a remote command injection vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the application. WordPress Plugin is_human() versions 1.4.2 and prior are vulnerable.
Remediation
Disable the plugin
References
http://www.securityfocus.com/bid/47883/exploit
http://www.exploit-db.com/exploits/17299/
http://secunia.com/advisories/44627
http://packetstormsecurity.com/files/view/101497/ishuman-exec.txt
Related Vulnerabilities
Oracle JRE CVE-2020-2830 Vulnerability (CVE-2020-2830)
MySQL CVE-2016-5584 Vulnerability (CVE-2016-5584)
MediaWiki Incorrect Authorization Vulnerability (CVE-2022-29906)
Oracle Database Server CVE-2006-0291 Vulnerability (CVE-2006-0291)
WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)