CVE-2015-10140

Vulnerability Description

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files.

Vulnerability Details

Published Date

July 22, 2025

Last Modified

January 09, 2026

Source

NVD

CVE-2015-10140

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment