2 matches found
CVE-2022-3416
The WPtouch WordPress plugin is affected: versions before 4.3.45 do not properly validate uploaded images, allowing high-privilege users (e.g., admins) to upload arbitrary files to the server (including in multisite setups). This is documented across multiple sources (Red Hat CVE entry, OpenVAS n...
CVE-2022-3417
The CVE-2022-3417 entry concerns the WPtouch WordPress plugin,