Descrição
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server.
Software
Não informado
Tipo Software
Tema
CVE
CVE-2022-0316
Tags
Nâo informado
Data de publicação
23/01/2023
Última atualização
04/04/2025
Pontuação em CVSS 3.0
9.8
Crítico