3 matches found
CVE-2022-38140
Auth. contributor+ Arbitrary File Upload in SEO Plugin by Squirrly SEO plugin = 12.1.10 on WordPress...
CVE-2022-38140 WordPress SEO Plugin by Squirrly SEO Plugin <= 12.1.10 is vulnerable to Arbitrary File Upload
Auth. contributor+ Arbitrary File Upload in SEO Plugin by Squirrly SEO plugin = 12.1.10 on WordPress...
CVE-2022-38140
Summary of CVE-2022-38140 : The WordPress SEO Plugin by Squirrly SEO (versions ≤ 12.1.10) is vulnerable to an Arbitrary File Upload issue exploitable by users with a contributor role or higher. The root cause described across sources is inadequate validation/handling of uploaded files, allowing u...