CVE-2016-15033
CVE-2016-15033 affects the WordPress Delete All Comments plugin (versions up to 2.0). The root cause is missing file type validation in delete-all-comments.php, enabling unauthenticated attackers to upload arbitrary files to the server, with potential remote code execution. Documented impact is a...