[WordPress Auto Featured Image (Auto Post Thumbnail) Plugin](versions 3.9.16 and older) Vulnerability to Arbitrary File Upload

Importance (CVSS3.0)

★★★★★★★★★☆　9.1 / 10 - Chritical

Details

A vulnerability of Arbitrary File Upload was discovered in WordPress Auto Featured Image (Auto Post Thumbnail) Plugin.

This vulnerability may allow malicious attackers to upload any type of files to the websites.

This vulnerability is fixed in version 3.9.16

Solutions

Update WordPress Auto Featured Image (Auto Post Thumbnail) Plugin to the latest version (at least 3.9.16 and newer)

Source

CVE-2023-0477

Vulnerability details

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

[WordPress Auto Featured Image (Auto Post Thumbnail) Plugin](versions 3.9.16 and older) Vulnerability to Arbitrary File Upload, by WS Security is licensed under CC BY 4.0.