Critical severity9.8NVD Advisory· Published Jul 2, 2018· Updated Jun 17, 2026
CVE-2018-12426
CVE-2018-12426
Description
The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<8.0.07+ 1 more
- (no CPE)range: <8.0.07
- (no CPE)range: <8.0.07
Patches
Vulnerability mechanics
References
3- github.com/RiieCco/write-ups/tree/master/CVE-2018-12426nvdExploitThird Party Advisory
- github.com/CodeCabin/wp-live-chat-support/blob/master/readme.txtnvdThird Party Advisory
- wpvulndb.com/vulnerabilities/9697nvd
News mentions
0No linked articles in our index yet.