Popular website plugin harboured a serious 0-day for years

The flaw in the popular file uploader allows an attacker to upload files and run their own command line shell on any affected server.

Leave a Reply