CVE-2024-4620

June 7, 2024, 2:56 p.m.

Tags

contact@wpscan.com
2024-06-07
CVE-2024-4620

Product(s) Impacted

ARForms - Premium WordPress Form Builder Plugin

  • before 6.6

Description

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form

Weaknesses

Date

Published: June 7, 2024, 6:15 a.m.

Last Modified: June 7, 2024, 2:56 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

contact@wpscan.com

References

https://wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/
contact@wpscan.com