Security Advisory

CVE-2018-17573

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-28 05:00:00

Last updated 2024-08-05 10:54:10

Assigner mitre

State PUBLISHED

Description

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckeditor/editor/filemanager/connectors/uploadtest.html.

← Browse all CVEs View on cve.org ↗