The WordPress File Upload WordPress... CVE-2021-24960
3.5
AV
AC
AU
C
I
A
发布:
2022-03-07
修订:
2024-11-21
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks
漏洞利用/PoC
暂无可用Exp或PoC
受影响的平台与产品
当前有2条受影响产品信息
