CVE-2021-24123

Posted on by admin

CVE-2021-24123

Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privilege accounts (admin+) being able to upload arbitrary files, such as php, leading to RCE.

Source: CVE-2021-24123

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다