EIP-2026-113531
PRE-CVEWordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)
Title source: legacyDescription
WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Edwin Molenaar · textwebappsphp
https://www.exploit-db.com/exploits/40220
Details
Status
pre_cve
Tracked Since
Feb 18, 2026