Description

WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.

Remediation

References

CVE-2016-5839

Related Vulnerabilities

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6024)

WordPress Plugin Telefication Server-Side Request Forgery (1.8.0)

WordPress Plugin Age Verification 'redirect_to' Parameter URI Redirection (0.4)

MongoDb Other Vulnerability (CVE-2019-20923)

LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008)

Severity

High

Classification

CVE-2016-5839 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities