2 matches found
EUVD-2023-57894
Malicious code in bioql PyPI...
WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload
Description The plugin does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE. PoC Make sure to have both WooCommerce and NinjaForms 3.4.34.2 NF's latest version on the 3.4 branch installed, then follow those...