Duncanmcclean

**Name of the Vulnerable Software and Affected Versions** Guest Entries versions prior to 3.1.2 **Description** The file uploads feature in Guest Entries did not prevent the upload of PHP files, which may lead to code execution on the server by authenticated users. **Recommendations** For versions prior to 3.1.2, upgrade to version 3.1.2 to fix the vulnerability. As a temporary workaround, consider disabling the file uploads feature until the upgrade is applied. Restrict access to the file uploads functionality to minimize the risk of exploitation.