CVE-2019-25138
The CVE-2019-25138 entry concerns the WordPress plugin “User Submitted Posts.” Affected component: usp_check_images, vulnerable through missing file type validation in versions up to and including 20190312. Impact: unauthenticated attackers can upload arbitrary files to the server, with potential...