[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWRSGuwNsit1U1Um2L8Qiznv6MfGvqrjE7w7iNoIx3Eo":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-8ada8a27-752c-4726-b330-895b967ea290-wp-file-upload","wordpress-file-upload-arbitrary-file-upload-3","WordPress File Upload \u003C 3.9.0 - Arbitrary File Upload","The WordPress File Upload plugin is vulnerable to arbitrary file uploads due to insufficient file type validation in versions up to, and including, 3.8.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.","wp-file-upload",null,"\u003C3.9.0","3.9.0","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2016-06-23 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8ada8a27-752c-4726-b330-895b967ea290?source=api-prod",2770]