Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WordPress Plugin Vulnerability Allows Unauthenticated File Uploads
CGA-wc22-f84p-j8f7
Summary
A security flaw exists in a popular WordPress plugin, allowing an attacker to upload malicious files without being logged in. This could lead to the execution of unauthorized code on the website, potentially resulting in data loss or system compromise. Update the affected plugin to the latest version to mitigate this risk.
What to do
- Update chainguard grafana-12.4 to version 12.4.1-r0.
- Update wolfi grafana-12.4 to version 12.4.1-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chainguard | grafana-12.4 | <= 12.4.1-r0 | 12.4.1-r0 |
| wolfi | grafana-12.4 | <= 12.4.1-r0 | 12.4.1-r0 |
Original title
CGA-wc22-f84p-j8f7
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026