7.1 High
AI Score
Confidence
Low
0.284 Low
EPSS
Percentile
96.8%
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.