The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server.

Beagle Security Web Application Vulnerabilities Index


The web application vulnerabilities index lists vulnerabilities according to its severity and is classified by the compliance standard it falls under.

Highlights

  • Assesses severity for software and services.
Listed: