CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6310 – Advanced AJAX Page Loader <= 2.7.7 - Cross-Site Request Forgery to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6310
The Advanced AJAX Page Loader plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.7.7. This is due to missing nonce validation in the 'admin_init_AAPL' function and missing file type validation in the 'AAPL_options_validate' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. El complemento Advanced AJAX Page Loader para WordPress es vulnerable a Cross-Site Request Forgery para la carga arbitraria de archivos en versiones hasta la 2.7.7 incluida. Esto se debe a que falta la validación nonce en la función 'admin_init_AAPL' y a la falta de validación del tipo de archivo en la función 'AAPL_options_validate'. • https://plugins.trac.wordpress.org/browser/advanced-ajax-page-loader/tags/2.7.7/advanced-ajax-page-loader.php#L131 https://plugins.trac.wordpress.org/browser/advanced-ajax-page-loader/tags/2.7.7/advanced-ajax-page-loader.php#L41 https://www.wordfence.com/threat-intel/vulnerabilities/id/ccc75dee-1cf8-4fda-b2a1-f5d68e6c7887?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10929 – Advanced AJAX Page Loader < 2.7.7 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2016-10929
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. El plugin advanced-ajax-page-loader anterior a la versión 2.7.7 para WordPress no tiene protección contra la lectura de archivos cargados cuando no está conectado. The Advanced AJAX Page Loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. • https://wordpress.org/plugins/advanced-ajax-page-loader/#developers • CWE-264: Permissions, Privileges, and Access Controls CWE-434: Unrestricted Upload of File with Dangerous Type •