WordPress AccessKeys AccessPress Anonymous Post Pro Plugin Arbitrary File Upload Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.AccessKeys AccessPress Anonymous Post Pro plugin is used in one of the anonymous publishing plugin. An arbitrary...

WordPress AccessPress Anonymous Post Pro plugin <=3.1.8 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability found by Colette Chamberland in WordPress AccessPress Anonymous Post Pro plugin versions =3.1.8. Improper sanitization leads make it possible to upload any file with any extension. Solution Update the WordPress AccessPress Anonymous Post Pro...

CVE-2017-16949

An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and...

Input validation

An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and...

AccessPress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

Improper sanitization allows the attacker to override the settings for allowed file extensions and upload file size. This allows the attacker to upload anything they want, bypassing the filters. OST...

AccessPress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

Improper sanitization allows the attacker to override the settings for allowed file extensions and upload file size. This allows the attacker to upload anything they want, bypassing the filters. PoC OST /wp-admin/admin-ajax.php?action=apfileuploadactionuploadernonce=nonce=php=64000 HTTP/1.1...

CVE-2017-16949

An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and...

CVE-2017-16949

Summary: CVE-2017-16949 affects the AccessKeys AccessPress Anonymous Post Pro WordPress plugin (versions up to 3.1.9). Improper input sanitization in the file-upload components (inc/cores/file-uploader.php and file-uploader/file-uploader-class.php) allows an unauthenticated attacker to override a...

Accesspress Anonymous Post Pro 3.2.0 - Arbitrary File Upload

Accesspress Anonymous Post Pro 3.2.0 - Arbitrary File Upload Exploit Title: Unauthenticated Arbitrary File Upload Date: November 12, 2017 Exploit Author: Colette Chamberland Author contact: [email protected] Author homepage: https://defiant.com Vendor Homepage: https://accesspressthemes.com/...

WordPress Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload Vulnerab

Exploit for php platform in category web applications Date: November 12, 2017 Exploit Author: Colette Chamberland Author contact: email protected Author homepage: https://defiant.com Vendor Homepage: https://accesspressthemes.com/ Software Link:...

Accesspress Anonymous Post Pro &lt; 3.2.0 - Arbitrary File Upload

Exploit Title: Unauthenticated Arbitrary File Upload Date: November 12, 2017 Exploit Author: Colette Chamberland Author contact: [email protected] Author homepage: https://defiant.com Vendor Homepage: https://accesspressthemes.com/ Software Link:...