Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2022-04-29T16:58:13.542056Z

Updated: 2024-09-17T02:33:09.755Z

Reserved: 2022-04-18T00:00:00

Link: CVE-2022-29451

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-04-29T17:15:22.943

Modified: 2024-11-21T06:59:06.880

Link: CVE-2022-29451

cve-icon Redhat

No data.