VYPR

Narnoo Distributor

by WordPress

CVEs (1)

  • CVE-2022-0679CriMar 28, 2022
    risk 0.68cvss 9.8epss 0.48

    The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users) which results…