CVE-2021-24145

CVE-2021-24145

Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the ‘text/csv’ content-type in the request.

Source: CVE-2021-24145

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다