CVE-2019-25138 — The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images function in versions up to, and including, 20190312. T — CVE Database · The Intelligence Room