4 matches found
CVE-2022-1540
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...
CVE-2022-1540
The CVE-2022-1540 issue affects the WordPress plugin PostmagThemes Demo Import, version 1.0.7 and earlier. The root cause is that the plugin does not validate the uploaded import file, enabling high-privilege users (e.g., admins) to upload arbitrary files (such as PHP), which can lead to remote c...
PT-2022-13941 · WordPress · Postmagthemes Demo Import
Name of the Vulnerable Software and Affected Versions: PostmagThemes Demo Import WordPress plugin versions 1.0.0 through 1.0.7 Description: The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, due to a lack of validation of the imported file. This...
WordPress plugin PostmagThemes Demo Import 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...