Ajax Upload For Gravity Forms Project : Security Vulnerabilities, CVEs,
Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under wp-content/uploads/gravity_forms.
Max CVSS
9.8
EPSS Score
10.99%
Published
2018-01-08
Updated
2018-02-01
1 vulnerabilities found