The Vrm 360 3D Model Viewer plugin for WordPress has an issue that can let attackers with contributor-level access and higher upload any file they want to the affected website’s server. This could potentially allow them to run malicious code on the server, and is present in all versions of the plugin up to and including version 1.2.1.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
