9.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
62.3%
The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path.
wordpress.org/plugins/wordpress-flash-uploader/changelog/
wordpress.org/support/topic/vulnerability-discovered-2/