Description

WordPress Plugin Gravity Forms Advanced File Uploader is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Gravity Forms Advanced File Uploader version 1.18 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.19 or latest

References

https://wordpress.org/plugins/gravity-forms-advanced-file-uploader/changelog/

Related Vulnerabilities

WordPress Plugin Js-appointment 'searchdata.php' SQL Injection (1.5)

WordPress Plugin to Manage/Design WordPress Blog-WP Blog Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)

WordPress Plugin Thank You Counter Button Cross-Site Scripting (1.8.2)

WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)

WordPress Plugin PayPal WP Button Manager SQL Injection (0.1.1)

Severity

High

Tags

Missing Update Unauthenticated File Upload