{
  "id": "CVE-2021-4436",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2024-02-05T09:15:43.013",
  "lastModified": "2024-02-05T09:15:43.013",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/c46ecd0d-a132-4ad6-b936-8acde3a09282/",
      "source": "contact@wpscan.com"
    }
  ]
}