Arbitrary File Deletion in Repute ARForms Plugin for WordPress
CVE-2018-15818
7.5HIGH
What is CVE-2018-15818?
An issue has been identified in Repute ARForms versions 3.5.1 and earlier, which allows an attacker to execute arbitrary file deletion on the server. By crafting a malicious request targeting the admin-ajax.php file, an attacker can manipulate the web server's permissions to delete any file without proper authorization. This vulnerability poses significant risks to the server's integrity, making it crucial for users to ensure they are operating the latest patched version of the plugin to mitigate potential threats.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved