CVE-2022-3921

The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE
Configurations

Configuration 1 (hide)

cpe:2.3:a:themographics:listingo:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:20

Type Values Removed Values Added
References () https://wpscan.com/vulnerability/e39b59b0-f24f-4de5-a21c-c4de34c3a14f - Exploit, Third Party Advisory () https://wpscan.com/vulnerability/e39b59b0-f24f-4de5-a21c-c4de34c3a14f - Exploit, Third Party Advisory

14 Dec 2022, 21:34

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-12 18:15

Updated : 2024-11-21 07:20


NVD link : CVE-2022-3921

Mitre link : CVE-2022-3921

CVE.ORG link : CVE-2022-3921


JSON object : View

Products Affected

themographics

  • listingo
CWE

No CWE.