| |
Vulnerability CVE-2022-3989
Published: 2022-12-12
| Description: |
The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload. |
Type:
CWE-434 (Unrestricted Upload of File with Dangerous Type)
References: |
https://wpscan.com/vulnerability/1bd20329-f3a5-466d-81b0-e4ff0ca32091
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|