VYPR
Unrated severityNVD Advisory· Published May 2, 2022· Updated Aug 2, 2024

Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCE

CVE-2022-1273

Description

The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.