CVE-2020-36705

Name of the Vulnerable Software and Affected Versions Adning Advertising plugin for WordPress versions up to, and including, 1.5.5

Description The issue arises from missing file type validation in the ning upload image function, allowing unauthenticated attackers to upload arbitrary files to the server, which may lead to remote code execution.

Recommendations For Adning Advertising plugin for WordPress versions up to, and including, 1.5.5, update to a version higher than 1.5.5 to resolve the issue. As a temporary workaround, consider disabling the ning upload image function until a patch is available.