Description

WordPress Plugin Gravity Forms Advanced File Uploader is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Gravity Forms Advanced File Uploader version 1.18 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.19 or latest

References

https://wordpress.org/plugins/gravity-forms-advanced-file-uploader/changelog/

Related Vulnerabilities

WordPress Plugin 10Web Map Builder for Google Maps SQL Injection (1.0.72)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14340)

WordPress Plugin Usernoise modal feedback/contact form Cross-Site Scripting (3.7.8)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3488)

Severity

High

Tags

Missing Update Unauthenticated File Upload