CVE-2014-4972
CVE-2014-4972 concerns the WordPress Gravity Upload Ajax plugin, affected through version 1.1 and earlier. The vulnerability is an unrestricted/arbitrary file upload in the plugin, allowing a remote attacker to upload a file with an executable extension and then access it via a direct request to ...