Vulnerability Details CVE-2022-3921
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE
Exploit prediction scoring system (EPSS) score
EPSS Score 0.342
EPSS Ranking 96.8%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-3921
-
cpe:2.3:a:themographics:listingo:*