CVE-2025-53315 WordPress Relocate Upload plugin <= 0.24.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in alanft Relocate Upload allows Stored XSS. This issue affects Relocate Upload: from n/a through 0.24.1...

CVE-2012-1205

PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

Wordpress Relocate Upload Plugin 0.14 Remote File Inclusion

在relocate-upload.php文件第16行,没有对传入的abspath进行过滤,导致任意文件本地远程文件包含 if isset$GET'rufolder' // WP setup and function access define'WPUSETHEMES', false; requireonceurldecode$GET'abspath'.'/wp-load.php'; // save us looking for it, it's passed as a GET parameterarameter...

CVE-2012-1205

PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...