Work The Flow File Upload < 2.4 - wp-admin/admin-ajax.php accept_file_types Parameter Manipulation File Upload Restriction Bypass



Description
See https://github.com/wpscanteam/wpscan/issues/673#issuecomment-53972233

Affects Plugin

fixed in version 2.4
- plugin closed

References

PacketStorm 126333
SecurityFocus 67083

Classification

Type UPLOAD
CWE CWE-434

Miscellaneous

Views 4329
Verified Yes
WPVDB ID 7220

Timeline

Publicly Published 2014-08-01 (almost 6 years ago)
Added 2014-08-01 (almost 6 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin