CVE-2011-10041 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_upload.php due to missing file type valida…
Critical CVSS: 9.3

CVE-2011-10041

Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_upload.php due to missing file type validation. An unauthenticated remote attacker can upload arbitrary files to the affected WordPress site, which may allow remote code execution by uploading executable content to a web-accessible location.
Vendor
-
Product
-
CWE
CWE-434
Yayın Tarihi
2026-01-15 22:16:08
Güncelleme
2026-01-20 16:16:00
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 CRITICAL 2026

Referanslar

https://packetstorm.news/files/id/98652 https://wpscan.com/vulnerability/6946364c-9764-468e-87d5-2dd57e531985/ https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-uploadify-remote-file-upload-1-0/ https://www.vulncheck.com/advisories/uploadify-unauthenticated-arbitrary-file-upload https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/uploadify/uploadify-10-arbitrary-file-upload https://packetstorm.news/files/id/98652