Description
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Magn WP Drag and Drop Upload Arbitrary File Upload (1.1.4)
Perl Out-of-bounds Write Vulnerability (CVE-2018-6797)
Joomla CVE-2018-15881 Vulnerability (CVE-2018-15881)
Oracle Application Server Other Vulnerability (CVE-2002-1089)
WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5)