The Prevent files/folders access plugin for WordPress is vulnerable to a security issue in versions up to and including 2.5.1. This means that users with administrator-level access can upload files to the affected site’s server which could potentially allow remote code execution. This is due to the fact that the plugin does not validate the type of file that is being uploaded.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
