CVE-2018-15818

CMS/plugin: Repute ARForms 3.5.1 and earlier. A vulnerability allows an attacker to delete arbitrary files on the server by sending a malicious request to admin-ajax.php, abusing web server privileges. Affected component is the plugin’s admin AJAX endpoint; impact is file deletion with partial in...