CVE-2022-0687

CVE-2022-0687

The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the custom "Amelia Manager" role.

Source: CVE-2022-0687

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다