The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server.

Cybersecurity Excellence Awards


The annual Cybersecurity Excellence Awards honor individuals and companies that demonstrate excellence, innovation and leadership in information security.

Listed: