EUVD-2022-24836

Malicious code in bioql PyPI...

CVE-2022-1540

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

CVE-2022-1540

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

CVE-2022-1540

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

Design/Logic Flaw

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

CVE-2022-1540 PostmagThemes Demo <= 1.0.7 - Admin+ Arbitrary File Upload

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

CVE-2022-1540 PostmagThemes Demo <= 1.0.7 - Admin+ Arbitrary File Upload

The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...

CVE-2022-1540

The CVE-2022-1540 issue affects the WordPress plugin PostmagThemes Demo Import, version 1.0.7 and earlier. The root cause is that the plugin does not validate the uploaded import file, enabling high-privilege users (e.g., admins) to upload arbitrary files (such as PHP), which can lead to remote c...

PT-2022-13941 · WordPress · Postmagthemes Demo Import

Name of the Vulnerable Software and Affected Versions: PostmagThemes Demo Import WordPress plugin versions 1.0.0 through 1.0.7 Description: The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, due to a lack of validation of the imported file. This...

WordPress plugin PostmagThemes Demo Import 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress PostmagThemes Demo plugin <= 1.0.7 - Auth. Arbitrary File Upload vulnerability

Auth. Arbitrary File Upload vulnerability discovered by thunder.god.hhh in WordPress PostmagThemes Demo plugin versions = 1.0.7. Solution Deactivate and delete. This plugin has been closed as of November 10, 2022 and is not available for download. This closure is temporary, pending a full review...