CVE-2021-24216
All-in-One WP Migration < 7.41 - Admin+ Arbitrary File Upload to RCE
The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files' extension, which allows administrators to upload PHP files on their site, even on multisite installations.
Affected products
Unknown · All-in-One WP MigrationWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →