Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress File Upload 路径遍历漏洞
Vulnerability Description
WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。File Upload是使用在其中的一个文件上传插件。 WordPress File Upload 4.13.0之前版本中存在路径遍历漏洞。远程攻击者可通过将特制的txt文件上传到lib目录中利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A