Vulnerabilities > CVE-2022-3921 - Unspecified vulnerability in Themographics Listingo
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |