Severity by source
AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Network-reachable unauthenticated upload endpoint (AV:N/PR:N/UI:N); AC:H reflects a non-trivial validation bypass; successful upload yields PHP execution affecting the underlying host beyond the plugin (S:C, C/I/A:H).
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Unauthenticated Arbitrary File Upload in SigmaForms Pro - AI Generated Forms <= 1.4.5 versions.
AnalysisAI
Unauthenticated arbitrary file upload in the SigmaForms Pro - AI Generated Forms WordPress plugin (versions <= 1.4.5) allows remote attackers to upload files of their choosing to the underlying web server, enabling webshell deployment and full site takeover. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 9.0 with scope change, indicating impact beyond the vulnerable component. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The target WordPress site must have the SigmaForms Pro - AI Generated Forms plugin installed and activated at a version at or below 1.4.5, with its upload-handling endpoint reachable from the attacker's network position (the default for any internet-facing WordPress install). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) indicates a network-reachable, unauthenticated, no-user-interaction flaw with scope change and full CIA impact - characteristic of arbitrary file upload leading to RCE on a shared web stack. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated remote attacker enumerates WordPress sites running SigmaForms Pro <= 1.4.5, then sends a crafted multipart POST request to the plugin's file-upload handler containing a PHP webshell with a filename or content-type designed to bypass the plugin's validation logic. Once the file is written under wp-content, the attacker requests its URL to execute commands as the web-server user, pivoting to database credential theft (wp-config.php), admin user creation, and persistence across the site. … |
| Remediation | Upgrade SigmaForms Pro - AI Generated Forms to a version newer than 1.4.5 once the vendor publishes a fixed release; consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/sigmaforms-pro/vulnerability/wordpress-sigmaforms-pro-ai-generated-forms-plugin-1-4-5-arbitrary-file-upload-vulnerability for the confirmed patched version, as the exact fix version was not included in the supplied data. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Identify all WordPress instances running SigmaForms Pro ≤1.4.5; immediately deactivate and remove the plugin; conduct forensic audit of wp-content/uploads/ for suspicious files (PHP, executables) and review server logs for unauthorized upload activity. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37627