3 matches found
CVE-2026-4882 User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload
The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAFAJAX::methodupload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to upload arbitrary...
PT-2026-36566
Name of the Vulnerable Software and Affected Versions User Registration Advanced Fields versions prior to 1.6.21 Description The User Registration Advanced Fields plugin for WordPress allows unauthenticated attackers to upload arbitrary files to the server. This issue stems from missing file type...
WordPress plugin User Registration Advanced Fields 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...