CVE-2017-1002000

Name of the Vulnerable Software and Affected Versions mobile-friendly-app-builder-by-easytouch version 3.0

Description The issue concerns a lack of authentication or access control in the mobile-friendly-app-builder-by-easytouch plugin for WordPress, specifically in the file ./mobile-friendly-app-builder-by-easytouch/server/images.php. This allows unauthorized users to upload content without proper validation.

Recommendations For mobile-friendly-app-builder-by-easytouch version 3.0, consider disabling the images.php file in the server directory until a patch is available to prevent unauthorized content uploads. Restrict access to the ./mobile-friendly-app-builder-by-easytouch/server/images.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.