CVE-2022-1103

CVE-2022-1103: Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload

Vendor Unknown
Product Advanced uploader
Weakness CWE-434 · Unrestricted file upload
Published May 16, 2022
Last update August 2, 2024

CVSS base score

What the vulnerability does

01Description

The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE

Key dates

02Disclosure timeline

May 16, 2022 CVE published
August 2, 2024 Record updated