Unrestricted Account Registration and Arbitrary File Upload Vulnerability in jPress v4.2.0
CVE-2021-45808 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbitrary files to the server.
Learn more about our Cis Benchmark Audit For Server Software.