RSS   Podatności dla 'Access demo importer'   RSS

2021-10-11
 
CVE-2021-39317

CWE-434
 

 
Versions up to, and including, 1.0.6, of the Access Demo Importer WordPress plugin are vulnerable to arbitrary file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the ~/inc/demo-functions.php.

 

 >>> Vendor: Accesspressthemes 9 Produkty
Ultimate-form-builder-lite
Anonymous post pro
Wp floating menu
Accesspress social icons
Access demo importer
Wp cookie user info
Form store to db
Ap custom testimonial
Ap mega menu


Copyright 2024, cxsecurity.com

 

Back to Top