CVE-2012-10064P1CRITICALCVSS 9.3Exploitedfixed in 0.1.142026-01-16
CVE-2012-10064 [CRITICAL] CWE-434 CVE-2012-10064: Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions, enabling an attacker to place attacker-controlled file
nvd