Skip to content
CVSS 9.8 · CRITICAL

CVE-2026-4882

The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a "Profile Picture" field is added to the form.

Ver en NVD

Análisis

This is an unauthenticated remote code execution vulnerability in a WordPress plugin. Although the plugin itself is niche, the severity is critical (CVSS 9.8) and it involves a common file upload bypass that is easy to exploit.

Severidad

Puntaje: 9.8(CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-434

EPSS

Probabilidad de explotación (próx. 30 días): 0.0006 (0.1%)
Percentil: 19.6%
EPSS: 2026-05-06

Descripción técnica

The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a "Profile Picture" field is added to the form.

Publicada: 2/5/2026, 5:16:00
Última modificación: 5/5/2026, 19:17:22

Referencias

InicioEventosBlogRecursosEquipo