CVE-2026-3464 | aguilatechnologies WP Customer Area Plugin up to 8.3.4 on WordPress ajax_attach_file path traversal

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability was found in aguilatechnologies WP Customer Area Plugin up to 8.3.4 on WordPress. It has been classified as critical. Affected by this vulnerability is the function ajax_attach_file. Performing a manipulation results in path traversal.

This vulnerability was named CVE-2026-3464. The attack may be initiated remotely. There is no available exploit.

CVE-2026-3464 | aguilatechnologies WP Customer Area Plugin up to 8.3.4 on WordPress ajax_attach_file path traversal

Post correlati

CVE-2024-56564 | Linux Kernel up to 6.12.3 ceph_mds_auth_match memory leak

CVE-2024-57723 | lunasvg 3.0.0 composition_source_over memory corruption (Exploit 209)

CVE-2025-40758 | Siemens Mendix SAML SSO signature verification (ssa-395458)

CVE-2024-3357 | SourceCodester Aplaya Beach Resort Online Reservation System 1.0 index.php end cross site scripting