10 matches found
EUVD-2021-34801
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
CVE-2021-47940
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
CVE-2021-47940 WordPress Download From Files 1.48 Arbitrary File Upload
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
CVE-2021-47940
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
CVE-2021-47940 WordPress Download From Files 1.48 Arbitrary File Upload
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
CVE-2021-47940
The CVE is for WordPress Plugin Download From Files prior to v1.49. An arbitrary file upload vulnerability exists when unauthenticated users exploit the AJAX fileupload action via admin-ajax.php (download_from_files_617_fileupload), bypassing file-type restrictions with allowExt and uploading exe...
WordPress plugin Download From Files 访问控制错误漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
PT-2026-39515
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the download...
Wordpress plugin Download From Files arbitrary file upload vulnerability
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. WordPress Download From Files is a file relay and download software. An attacker can use the vulnerability to upload webshell and gain server privileges...
Wordpress Download From Files 1.48 Plugin - Arbitrary File Upload Exploit
Exploit Title: Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/download-from-files Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/download-from-files/ Version: spacehen www.github.com/spacehen" def printusage:...