Description
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Remediation
References
Related Vulnerabilities
WordPress Plugin Hot Files:File Sharing and Download Manager Cross-Site Scripting (1.0.0)
WordPress Plugin WP Fast Cache Multiple Vulnerabilities (1.4)
WordPress Plugin Welcart e-Commerce SQL Injection (2.0.0)
Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124)
Oracle Database Server CVE-2019-2913 Vulnerability (CVE-2019-2913)