Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published: 2022-04-29T16:58:13.542056Z
Updated: 2024-09-17T02:33:09.755Z
Reserved: 2022-04-18T00:00:00
Link: CVE-2022-29451
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-04-29T17:15:22.943
Modified: 2024-11-21T06:59:06.880
Link: CVE-2022-29451
Redhat
No data.