Unrated severityNVD Advisory· Published Jun 8, 2020· Updated Aug 4, 2024
CVE-2020-12800
CVE-2020-12800
Description
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/157951/WordPress-Drag-And-Drop-Multi-File-Uploader-Remote-Code-Execution.htmlmitrex_refsource_MISC
- wordpress.org/plugins/drag-and-drop-multiple-file-upload-contact-form-7/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.