4 matches found
WordPress Ninja Forms Plugin Arbitrary File Upload (CVE-2022-0888)
An arbitrary file upload vulnerability exists in WordPress Ninja Forms plugin. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the vulnerable system with administrative privileges...
CVE-2022-0888
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the /includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to upload malicious file...
CVE-2022-0888 Ninja Forms - File Uploads Extension <= 3.3.0 - Arbitrary File Upload
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the /includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to upload malicious file...
CVE-2022-0888
The CVE-2022-0888 entry concerns the WordPress Ninja Forms - File Uploads Extension plugin. Affected component: uploads handling (uploads.php) in the plugin’s codebase. Root cause: insufficient input file type validation allows bypass, enabling unauthenticated attackers to upload arbitrary files....