CVE-2022-1273
Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCE
The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →