The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/f927dbe0-3939-4882-a469-1309ac737ee6 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-01-09T22:13:28.101Z
Updated: 2023-01-10T09:07:36.845Z
Reserved: 2022-10-07T05:51:13.006Z
Link: CVE-2022-3416
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-09T23:15:26.677
Modified: 2023-11-07T03:51:13.450
Link: CVE-2022-3416
JSON object: View
Redhat Information
No data.
CWE
No CWE.