The Asgaros Forum WordPress plugin prior to 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asgaros asgaros forum |