4 matches found
CVE-2016-10958
The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via esmediaimages to wp-admin/admin-ajax.php...
CVE-2016-10958
The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via esmediaimages to wp-admin/admin-ajax.php...
CVE-2016-10958
The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via esmediaimages to wp-admin/admin-ajax.php...
CVE-2016-10958
The CVE-2016-10958 entry concerns the Estatik WordPress plugin (before 2.3.0) with unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php. This is a concrete vulnerability detail; CVSS metrics indicate high severity (C/I) with network access. Public details confirm...