Inc2734 Mw Wp Form
4 CVEs affecting Inc2734 Mw Wp Form. Latest disclosed: 2026-04-08. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6316 | Critical | 9.8 | 2024-01-11 | The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the '_single_file_upload' function in v… |
CVE-2026-5436 | High | 8.1 | 2026-04-08 | The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation… |
CVE-2026-4347 | High | 8.1 | 2026-04-02 | The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the 'generate_user_filepath' function a… |
CVE-2023-6559 | High | 7.5 | 2023-12-16 | The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. This is due to the plugin not properl… |