CVE-2020-24186

Published: 2020-08-24T14:15Z

Last Modified: 2024-11-21T05:14Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt