CVE-2016-10914

CVE-2016-10914

The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file.

Source: CVE-2016-10914