Arbitrary File Upload Vulnerability in Advanced Uploader WordPress Plugin

Arbitrary File Upload Vulnerability in Advanced Uploader WordPress Plugin

CVE-2022-1103 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE

Learn more about our Wordpress Pen Testing.