Unrated severityNVD Advisory· Published Jun 7, 2024· Updated Aug 1, 2024
ArForms < 6.6 - Unauthenticated RCE
CVE-2024-4620
Description
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.