CVE-2022-1273
Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCE
The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE
Productos afectados
Unknown · Import WP – Import and Export WordPress data to XML or CSV files¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →