Critical severity9.8NVD Advisory· Published Mar 13, 2020· Updated Jun 17, 2026
CVE-2020-10564
CVE-2020-10564
Description
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <4.13.0
Patches
Vulnerability mechanics
References
3- github.com/beerpwn/CVE/tree/master/WP-File-Upload_disclosure_report/nvdExploitThird Party Advisory
- wordpress.org/plugins/wp-file-upload/nvdRelease NotesVendor Advisory
- wpvulndb.com/vulnerabilities/10132nvdThird Party Advisory
News mentions
0No linked articles in our index yet.