Published: 23/01/2023 Updated: 07/11/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

The WeStand WordPress theme prior to 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated malicious user to upload arbitrary files to the web server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
chimpgroup westand
chimpgroup bolster -
soundblast project soundblast -
spikes-black project spikes-black -
chimpgroup spikes -
pixfill kings club -
club-theme project club-theme -
statfort project statfort -
aidreform project aidreform -
footysquare project footysquare -

( Wordpress Exploit ) Wordpress Multiple themes - Unauthenticated Arbitrary File Upload

Wordpress Multiple themes - Unauthenticated Arbitrary File Upload CVE-2022-0316 Unauthenticated Arbitrary File Upload in multiple themes from ChimpStudio and PixFill For more exploits and exclusive ones contact me on telegram @KtN1990 Themes Effected westand footysquare aidreform statfort club-theme kingclub-theme spikes spikes-black soundblast bolster rocky-theme bolster-th

https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c https://nvd.nist.gov https://github.com/KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-0316

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect