An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata.
Simon Scannell (RIPS Technologies)
Ryan Dewhurst
No
2019-02-19 (about 3 years ago)
2019-02-28 (about 3 years ago)
2020-09-22 (about 2 years ago)