WordPress Default Thumbnail Plus plugin <= 1.0.2.3 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin Default Thumbnail Plus versions = 1.0.2.3...

WordPress plugin Default Thumbnail Plus security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...