The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected