3 matches found
CVE-2021-24311
The wpajaxupload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34 was vulnerable to arbitrary file uploads via any authenticated users...
CVE-2021-24311
The CVE-2021-24311 entry concerns the WordPress External Media plugin prior to version 1.0.34. The vulnerability stems from the wp_ajax_upload-remote-file AJAX action, allowing authenticated users to upload arbitrary files. This could enable execution or storage of attacker-supplied content, depe...
CVE-2021-24311 External Media < 1.0.34 - Authenticated Arbitrary File Upload
The wpajaxupload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34 was vulnerable to arbitrary file uploads via any authenticated users...