The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

AI/ML Hacking Resources


The home to the largest curation of resources for beginners in AI/ML security, from leading AI/ML threat researchers at Protect AI. Start your journey into AI/ML hacking today.

Highlights

  • Resources and videos on AI hacking for beginners.
Listed: