Critical severity9.8NVD Advisory· Published Apr 12, 2021· Updated Jun 17, 2026
CVE-2021-24223
CVE-2021-24223
Description
The N5 Upload Form WordPress plugin through 1.0 suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), however, in the case of misconfigured servers with Directory listing enabled, accessing it is trivial.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/N5 Upload Formdescription
- Range: <=1.0
Patches
Vulnerability mechanics
References
2- github.com/jinhuang1102/CVE-ID-Reports/blob/12863f80ced5361e2e2c3f7209566ab3730aa37b/N5_upload.mdnvdExploitThird Party Advisory
- wpscan.com/vulnerability/d7a72183-0cd1-45de-b98b-2e295b27e5dbnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.