Lucene search
China National Vulnerability DatabaseCNVD-2022-67602HistoryMar 25, 2022 - 12:00 a.m.
WordPress Ninja Forms-File Uploads Extension Plugin Arbitrary File Uploads Vulnerability
2022-03-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.013 Low
EPSS
Percentile
85.9%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin for WordPress. WordPress Ninja Forms - File Uploads Extension Plugin 3.30 and earlier versions are vulnerable to arbitrary file uploads, which vulnerability stems from the program not validating the correct input for the file type of ~/include/ajax/controller/uploads.php. An attacker could use this vulnerability to upload malicious files that could be used to execute remote code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress ninja forms - file uploads extension | le | 3.3.0 |
Related
prion
prion
Input validation
2022-03-23 20:15:00
wpvulndb
wpvulndb
patchstack
patchstack
nvd
nvd
CVE-2022-0888
2022-03-23 20:15:10
cvelist
cvelist
CVE-2022-0888
2022-03-23 19:46:51
wpexploit
wpexploit
checkpoint_advisories
checkpoint_advisories
WordPress Ninja Forms Plugin Arbitrary File Upload (CVE-2022-0888)
2022-11-02 00:00:00
cve
cve
CVE-2022-0888
2022-03-23 20:15:10