Vulnerability CVE-2020-20969
Published: 2023-06-20

Description:
File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file.

See advisories in our WLB2 database:
Topic
Author
Date
High
PluckCMS 4.7.10 Unrestricted File Upload
CodeSecLab
08.03.2026

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

 References:
https://github.com/pluck-cms/pluck/issues/86
Copyright 2026, cxsecurity.com

 

Back to Top