CVE-2024-4620

🗓️ 07 Jun 2024 06:00:02Reported by WPScanType

cve🔗 web.nvd.nist.gov👁 94 Views🌐 WEB

ARForms WordPress Plugin allows unauthorized PHP file uploads

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2024-4620	29 May 202509:42	–	circl
CNNVD	WordPress plugin ARForms security vulnerability	7 Jun 202400:00	–	cnnvd
Cvelist	CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE	7 Jun 202406:00	–	cvelist
Nuclei	ArForms < 6.6 - Remote Code Execution	28 Jun 202615:08	–	nuclei
NVD	CVE-2024-4620	7 Jun 202406:15	–	nvd
OSV	CVE-2024-4620	7 Jun 202406:15	–	osv
Patchstack	WordPress ARForms Plugin < 6.6 is vulnerable to Remote Code Execution (RCE)	7 Jun 202400:00	–	patchstack
Patchstack	WordPress ArForms Premium plugin < 6.6 - Unauthenticated RCE vulnerability	7 Jun 202408:06	–	patchstack
Positive Technologies	PT-2024-31920	7 Jun 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-4620	23 May 202507:36	–	redhatcve

NVD

Vulners

Vulnrichment

Node

reputeinfosystems arformsRange<6.6wordpress

[
  {
    "vendor": "Unknown",
    "product": "ARForms - Premium WordPress Form Builder Plugin",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "6.6"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/

Parameter	Position	Path	Description	CWE
action	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
files	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
frm	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
field_id	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
file_type	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
types_arr	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
token	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
token	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
files	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434
readme.html	request body	wordpress/wp-admin/admin-ajax.php	Unauthenticated user can modify uploaded files via form upload to enable execution of PHP code (POC shows uploading a .html file containing PHP and executing it).	CWE-434

17 Jun 2026 08:02Current

9.6High risk

Vulners AI Score9.6

CVSS 3.19.8

EPSS0.03345

SSVC