WordPress File Upload plugin directory traversal. It’s possible to use the directory traversal to gain RCE by uploading a file (doesn’t matter the extension) inside the /lib directory of the plugin. More details here https://github.com/beerpwn/CVE/tree/master/WP-File-Upload_disclosure_report
CPE | Name | Operator | Version |
---|---|---|---|
wp-file-upload | lt | 4.13.0 |