ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability

Product
WordPress
Description
Authenticated JavaScript File Upload vulnerability found in WordPress (versions <=4.9)
Solution
Update the WordPress to the latest available version (at least 4.9.1).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Release information
CVE
Name CVE-N/A
Versions
Affected In <=4.9
Fixed In 4.9.1
Disclosure date
2017-12-01
Submitter
ThreatPress