PT-2026-8073 · WordPress · Midi-Synth

Athiwat Tiprasaharn +4 · Published 2026-02-14 · Updated 2026-03-24 · CVE-2026-1306

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

midi-Synth plugin for WordPress versions up to and including 1.1.0

Description

The midi-Synth plugin for WordPress is susceptible to arbitrary file uploads because of a lack of validation for file types and extensions within the 'export' AJAX action. This allows unauthenticated attackers to upload files to the affected server. Successful exploitation, which requires obtaining a valid nonce, could potentially lead to remote code execution. The nonce is exposed in frontend JavaScript, making it easily accessible to attackers.

API Endpoint: '/export'
Vulnerable Parameter: No specific parameters are mentioned, but the issue relates to file uploads handled by the 'export' AJAX action.
Vulnerable Function: The 'export' AJAX action is vulnerable.

Recommendations

Update the midi-Synth plugin to a version newer than 1.1.0.
Disable the midi-Synth plugin if an update is not available.
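
An added example, not part of the advisory or the plugin's code: a Python audit a site operator could run alongside the recommendations above, reporting whether the installed version falls in the affected range and listing files under the uploads tree that a PHP host could execute. The plugin slug "midi-synth", the main file name, the extension list and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

AFFECTED_MAX = (1, 1, 0)  # advisory: versions up to and including 1.1.0
# Assumption: extensions a typical PHP host passes to the interpreter.
EXEC_EXT = {"php", "php5", "php7", "phtml", "pht", "phar"}

def parse_version(text):
    """Read 'Version: x.y.z' from a plugin header, padded to three parts."""
    m = re.search(r"^[ \t/*#@]*Version:\s*(\d+(?:\.\d+)*)", text, re.M | re.I)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(v):
    """True when v <= 1.1.0; a fourth component such as 1.1.0.1 counts as newer."""
    return v is not None and (
        v[:3] < AFFECTED_MAX or (v[:3] == AFFECTED_MAX and not any(v[3:])))

def installed_version(main_php):
    """Version declared in the header comment at the top of the main plugin file."""
    with open(main_php, encoding="utf-8", errors="replace") as fh:
        return parse_version(fh.read(8192))

def executable_uploads(uploads_dir):
    """Relative paths whose name has an interpreter extension in any position."""
    hits = []
    for root, _dirs, files in os.walk(uploads_dir):
        for f in files:
            # Any dotted segment counts, so 'y.phtml.jpg' is reported too.
            if any(p in EXEC_EXT for p in f.lower().split(".")[1:]):
                rel = os.path.relpath(os.path.join(root, f), uploads_dir)
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)

def demo():
    """Audit a constructed site tree (sample data, built in a temp dir)."""
    with tempfile.TemporaryDirectory() as site:
        plugin = os.path.join(site, "plugins", "midi-synth")  # assumed slug
        up = os.path.join(site, "uploads", "2026", "02")
        os.makedirs(plugin)
        os.makedirs(up)
        main_php = os.path.join(plugin, "midi-synth.php")  # assumed file name
        with open(main_php, "w") as fh:
            fh.write("<?php\n/*\n * Plugin Name: midi-Synth\n * Version: 1.1.0\n */\n")
        for name in ("song.mid", "x.php", "y.PHTML.jpg"):
            open(os.path.join(up, name), "w").close()
        v = installed_version(main_php)
        return v, is_affected(v), executable_uploads(os.path.join(site, "uploads"))
```

On a real site, call installed_version() and executable_uploads() with the actual plugin file and uploads directory instead of demo(); any path the second function returns warrants inspection before the plugin is re-enabled.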

Fix · RCE · Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2026-1306

Affected Products: Midi-Synth