EUVD-2021-11137

Malware in sbrugna...

WordPress Plugin Arbitrary File Upload Vulnerability

WordPress Plugin is an open source application plugin for WordPress. WordPress plugin N5 Upload Form version 1.0 has an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files...

CVE-2021-24223

The CVE-2021-24223 entry corresponds to the WordPress N5 Upload Form plugin (version 1.0 and earlier) and describes an arbitrary file upload vulnerability in pages where a Form is embedded. The underlying issue is the ability to upload arbitrary files, with uploaded filenames generated via md5(un...

CVE-2021-24223 N5 Upload Form <= 1.0 - Unauthenticated Arbitrary File Upload to RCE

The N5 Upload Form WordPress plugin through 1.0 suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5uniqidrand, however, in the case of misconfigured servers...

WordPress 插件 代码问题漏洞

WordPress Plugin is an open source application plugin for WordPress. WordPress plugin N5 Upload Form version 1.0 has an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files...

WordPress N5 Upload Form plugin <= 1.0 - Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)

Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution RCE discovered by Jin Huang in WordPress N5 Upload Form plugin versions = 1.0. Solution Plugin closed. Deactivate and delete...

N5 Upload Form <= 1.0 - Unauthenticated Arbitrary File Upload to RCE

The plugin suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5uniqidrand, however, in the case of misconfigured servers with Directory listing enabled,...