Vulnerability CVE-2022-3921
Published: 2022-12-12

Description:
The does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE

Type:

CWE-434

 (Unrestricted Upload of File with Dangerous Type)

 References:
https://wpscan.com/vulnerability/e39b59b0-f24f-4de5-a21c-c4de34c3a14f
Copyright 2026, cxsecurity.com

 

Back to Top