CVE-2024-4620

June 7, 2024, 2:56 p.m.

Product(s) Impacted

ARForms - Premium WordPress Form Builder Plugin

  • before 6.6

Description

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form

Weaknesses

Date

Published: June 7, 2024, 6:15 a.m.

Last Modified: June 7, 2024, 2:56 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

contact@wpscan.com

References