CVE-2026-6101
HIGHAMP for WP <= 1.1.12 - Authenticated Arbitrary File Write
Title source: manualDescription
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Arbitrary File Write in versions up to and including 1.1.12. This is due to unsafe ZIP file extraction in the ampforwp_save_local_font() function combined with inadequate cleanup that fails to remove nested directories and files. This makes it possible for authenticated attackers, with Author-level access and above, and permissions granted by an Administrator, to write arbitrary files to the server in a web-accessible location, potentially leading to remote code execution on hosts that execute PHP files in the uploads directory.
References (10)
Core 10
Core References
Scores
CVSS v3
7.5
EPSS
0.0065
EPSS Percentile
46.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-73
Status
published
Products (1)
mohammed_kaludi/AMP for WP – Accelerated Mobile Pages
< 1.1.12
Published
Jul 07, 2026
Tracked Since
Jul 07, 2026