VYPR
Unrated severityNVD Advisory· Published Jun 16, 2012· Updated Jun 16, 2026

CVE-2012-3574

CVE-2012-3574

Description

Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/temp.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:tbelmans:mm_forms_community:2.2.5:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:tbelmans:mm_forms_community:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:tbelmans:mm_forms_community:2.2.6:*:*:*:*:*:*:*
  • Range: =2.2.5, =2.2.6

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.