Arbitrary File Upload Vulnerability in Crelly Slider Plugin for WordPress
CVE-2019-15866 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.
Learn more about our Wordpress Pen Testing.