1 results (0.003 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10929 – Advanced AJAX Page Loader < 2.7.7 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2016-10929
03 Jul 2016 — The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. El plugin advanced-ajax-page-loader anterior a la versión 2.7.7 para WordPress no tiene protección contra la lectura de archivos cargados cuando no está conectado. The Advanced AJAX Page Loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. • https://wordpress.org/plugins/advanced-ajax-page-loader/#developers • CWE-264: Permissions, Privileges, and Access Controls CWE-434: Unrestricted Upload of File with Dangerous Type •