CVE-2026-4882 | WPEverest User Registration Advanced Fields Plugin up to 1.6.20 on WordPress URAF_AJAX::method_upload unrestricted upload

Inserito da Angelo Barbosa | Mag 2, 2026 | CVE

A vulnerability was found in WPEverest User Registration Advanced Fields Plugin up to 1.6.20 on WordPress and classified as critical. This impacts the function URAF_AJAX::method_upload. The manipulation results in unrestricted upload.

This vulnerability was named CVE-2026-4882. The attack may be performed from remote. There is no available exploit.

CVE-2026-4882 | WPEverest User Registration Advanced Fields Plugin up to 1.6.20 on WordPress URAF_AJAX::method_upload unrestricted upload

Post correlati

CVE-2025-5301 | OnlyOffice Docs up to 8.3.1 WOPI Protocol cross site scripting

CVE-2025-11028 | givanz Vvveb up to 1.0.7.2 Image information disclosure

CVE-2024-48418 | Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 Web Interface /goform/fromSetDDNS os command injection

CVE-2023-44283 | Dell SupportAssist for Home PCs access control (dsa-2023-401)