CVE-2015-9479 – ACF Frontend Display <= 2.0.6 - Unauthenticated Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2015-9479

The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. El plugin ACF-Frontend-Display hasta el 03-07-2015 para WordPress, presenta una carga arbitraria de archivos por medio de una petición action=upload en el archivo js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. The ACF-Frontend-Display plugin through 2.0.6 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. • https://packetstormsecurity.com/files/132590 • CWE-434: Unrestricted Upload of File with Dangerous Type •