Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by advanced_uploader_project

    CVE-2022-1103 (GCVE-0-2022-1103)

    Vulnerability from nvd – Published: 2022-05-16 14:30 – Updated: 2024-08-02 23:55
    VLAI
    Title
    Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload
    Summary
    The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE
    Severity
    No CVSS data available.
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Advanced uploader Affected: 4.2 , ≤ 4.2 (custom)
    Create a notification for this product.
    Credits
    Roel van Beurden
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:55:24.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Advanced uploader",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThanOrEqual": "4.2",
                  "status": "affected",
                  "version": "4.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Roel van Beurden"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-16T14:30:37.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Advanced Uploader \u003c= 4.2 - Subscriber+ Arbitrary File Upload",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2022-1103",
              "STATE": "PUBLIC",
              "TITLE": "Advanced Uploader \u003c= 4.2 - Subscriber+ Arbitrary File Upload"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Advanced uploader",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4.2",
                                "version_value": "4.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Roel van Beurden"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE"
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-1103",
        "datePublished": "2022-05-16T14:30:37.000Z",
        "dateReserved": "2022-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:55:24.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1103 (GCVE-0-2022-1103)

    Vulnerability from cvelistv5 – Published: 2022-05-16 14:30 – Updated: 2024-08-02 23:55
    VLAI
    Title
    Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload
    Summary
    The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE
    Severity
    No CVSS data available.
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Advanced uploader Affected: 4.2 , ≤ 4.2 (custom)
    Create a notification for this product.
    Credits
    Roel van Beurden
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:55:24.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Advanced uploader",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThanOrEqual": "4.2",
                  "status": "affected",
                  "version": "4.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Roel van Beurden"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-16T14:30:37.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Advanced Uploader \u003c= 4.2 - Subscriber+ Arbitrary File Upload",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2022-1103",
              "STATE": "PUBLIC",
              "TITLE": "Advanced Uploader \u003c= 4.2 - Subscriber+ Arbitrary File Upload"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Advanced uploader",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "4.2",
                                "version_value": "4.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Roel van Beurden"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE"
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-1103",
        "datePublished": "2022-05-16T14:30:37.000Z",
        "dateReserved": "2022-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:55:24.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }