CyberRota
← Ana sayfaya dön

CVE-2026-9815

MEDIUM · CVSS 6.5 EPSS %0.21

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-18T08:16:34.590 · Çekilme zamanı: 2026-06-30T12:26:15.094703+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-9815
Severity
MEDIUM
CVSS
6.5
EPSS
%0.21
WordPress

Orijinal NVD Açıklaması

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server.