Arbitrary file upload in Omnilogic Omni Secure Files

CVE-2012-10064

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticate…

Vulnerability class: Unrestricted File Upload

EPSS: 0.007 (47.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References