PT-2026-33465 · WordPress · Wp Customer Area
Angus Girvan
·
Published
2026-04-17
·
Updated
2026-04-19
·
CVE-2026-3464
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WP Customer Area versions prior to 8.3.5
Description
Insufficient file path validation in the ajax_attach_file() function allows authenticated attackers holding any role an administrator has granted, even Subscriber, to read or delete arbitrary files on the server. Reading files may expose sensitive information, while deleting files such as 'wp-config.php' can lead to remote code execution: without its configuration file WordPress re-runs the installer, which lets the attacker point the site at a database they control.
Recommendations
Update to version 8.3.5 or later.
As a temporary workaround, restrict access to the ajax_attach_file() handler until the update is applied.
Fix
Path traversal
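The weakness class above, shown as an added example that is not WP Customer Area's code: a request-supplied file name is joined to a storage directory without confining the result, beside a hardened version that resolves the path and refuses anything outside the base directory. Function names, the temporary directory and the sample inputs are assumptions for illustration.

```php
<?php
// Added illustration of the path-traversal bug class, not the plugin's code.
// Names (unsafe_path, safe_path) and the demo directory are hypothetical.

// Weak form: a '../' sequence in $name walks out of $base.
function unsafe_path(string $base, string $name): string {
    return rtrim($base, '/') . '/' . $name;
}

// Hardened form: returns the resolved path only when the file exists and
// sits under $base; returns null for traversal, separators, NUL bytes,
// '.' / '..', or a missing file.
function safe_path(string $base, string $name): ?string {
    $base_real = realpath($base);
    if ($base_real === false) {
        return null;
    }
    // An attachment name has no legitimate need for separators or NUL bytes,
    // so reject them before touching the filesystem.
    if ($name === '.' || $name === '..' || preg_match('#[/\\\\\0]#', $name)) {
        return null;
    }
    $candidate = realpath($base_real . DIRECTORY_SEPARATOR . $name);
    if ($candidate === false) {
        return null;
    }
    // Compare with the trailing separator so that "/srv/files2" is not
    // accepted as being inside "/srv/files".
    $prefix = $base_real . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Demo on a constructed temporary directory holding one legitimate file.
$base = sys_get_temp_dir() . '/attach-demo-' . getmypid();
mkdir($base);
file_put_contents($base . '/report.pdf', 'sample');

var_dump(unsafe_path($base, '../../wp-config.php'));   // string: path outside $base
var_dump(safe_path($base, 'report.pdf'));               // string: resolved path inside $base
var_dump(safe_path($base, '../../wp-config.php'));      // NULL
var_dump(safe_path($base, "report.pdf\0.txt"));         // NULL

unlink($base . '/report.pdf');
rmdir($base);
```

In a WordPress AJAX handler the confinement check belongs alongside, not instead of, the usual `check_ajax_referer()` nonce check and a `current_user_can()` capability check; the advisory's point is that authentication alone does not help here, since a Subscriber is already authenticated, so the path itself must be validated.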
Weakness Enumeration
Related Identifiers
Affected Products
Wp Customer Area