CVE-2021-24216 (one-stop_wp_migration)

The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files' extension, which allows administrators to upload PHP files on their site, even on multisite installations.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *