Vulnerabilities

CVE-2020-35945

by Fred · 31/12/2020

An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the client side.

Date published : 2020-12-31

https://wpscan.com/vulnerability/10342

Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder

Similar

Tags: Cybersecurity Alert