WP Ultimate CSV Importer < 6.4.1 - Subscriber+ Arbitrary File Upload. Lack of authorisation and CSRF checks in zip file upload allows RCE
Source | Link |
---|---|
plugins | www.plugins.trac.wordpress.org/changeset/2656346/ |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo