Lucene search
K

4 matches found

NVD
NVD
added 2022/12/05 5:15 p.m.24 views

CVE-2022-1540

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

7.2CVSS0.01042EPSS
Exploits2References1
CVE
CVE
added 2022/12/05 4:50 p.m.67 views

CVE-2022-1540

The CVE-2022-1540 issue affects the WordPress plugin PostmagThemes Demo Import, version 1.0.7 and earlier. The root cause is that the plugin does not validate the uploaded import file, enabling high-privilege users (e.g., admins) to upload arbitrary files (such as PHP), which can lead to remote c...

7.2CVSS7AI score0.01042EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/05 12:0 a.m.6 views

PT-2022-13941 · WordPress · Postmagthemes Demo Import

Name of the Vulnerable Software and Affected Versions: PostmagThemes Demo Import WordPress plugin versions 1.0.0 through 1.0.7 Description: The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, due to a lack of validation of the imported file. This...

7.2CVSS8.4AI score0.01042EPSS
Exploits2References7
CNNVD
CNNVD
added 2022/12/05 12:0 a.m.3 views

WordPress plugin PostmagThemes Demo Import 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

7.2CVSS7.4AI score0.01042EPSS
Exploits2References2
Rows per page
Query Builder