Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager, 3bdad0feaa5bdbc2bfd5501516c5373d4b9d49be
- CVE, Research URL
- Home page URL
- Application
-
Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager
- Published on
- Aug 25, 2023
- Research Description
- Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager [folders] < 2.9.3 Folders <= 2.9.2 - Authenticated (Author+) Arbitrary File Upload The Folders plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_folders_file_upload function in versions up to, and including, 2.9.2. This makes it possible for authors or higher to upload arbitrary files on the affected site's server which may make remote code execution possible.
- Affected versions
-
max 2.9.3.
- Status
-
vulnerable