The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-01-23T14:48:05.590Z
Updated:
Reserved: 2022-01-20T09:29:34.686Z
Link: CVE-2022-0316
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-23T15:15:13.703
Modified: 2023-11-07T03:41:12.380
Link: CVE-2022-0316
JSON object: View
Redhat Information
No data.
CWE
No CWE.