RSS   Vulnerabilities for 'One click demo import'   RSS

2022-04-11
 
CVE-2022-1008

CWE-434
 

 
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed

 


Copyright 2024, cxsecurity.com

 

Back to Top