Lucene search
K

4 matches found

NVD
NVD
added 2022/12/12 6:15 p.m.17 views

CVE-2022-3989

The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types such as .php in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the...

8.8CVSS0.01048EPSS
Exploits2References1
OSV
OSV
added 2022/12/12 6:15 p.m.6 views

CVE-2022-3989

The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types such as .php in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the...

8.8CVSS5.8AI score0.01048EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/12/12 5:54 p.m.23 views

CVE-2022-3989 Motors - Car Dealer, Classifieds & Listing < 1.4.4 - Arbitrary File Upload

The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types such as .php in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the...

8.9AI score0.01048EPSS
Exploits2References1
CVE
CVE
added 2022/12/12 5:54 p.m.62 views

CVE-2022-3989

The Motors WordPress plugin is vulnerable in versions before 1.4.4 due to improper validation of uploaded files for dangerous types (e.g., .php) in an AJAX action. This can allow a user to sign up on a victim WordPress instance, upload PHP payloads, and potentially launch a brute‑force/credential...

8.8CVSS8.8AI score0.01048EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder