EIP-2026-113916
PRE-CVEWordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113916. PoCs published by Claudio Viviani.
AI-analyzed exploit summary This exploit demonstrates an unrestricted file upload vulnerability in WordPress N-Media Website Contact Form with File Upload plugin version 1.3.4. It allows an attacker to upload a malicious PHP file via a crafted POST request to the admin-ajax.php endpoint.
Description
WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)
Exploits (1)
This exploit demonstrates an unrestricted file upload vulnerability in WordPress N-Media Website Contact Form with File Upload plugin version 1.3.4. It allows an attacker to upload a malicious PHP file via a crafted POST request to the admin-ajax.php endpoint.