{"api_version":"1","generated_at":"2026-07-16T13:23:11+00:00","cve":"CVE-2026-12684","urls":{"html":"https://cve.report/CVE-2026-12684","api":"https://cve.report/api/cve/CVE-2026-12684.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-12684","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-12684"},"summary":{"title":"Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arbitrary Media Upload via cr_upload_media","description":"The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files (bounded to an image and video allowlist) to the Media Library and create attachment posts, leading to media library pollution and disk space exhaustion.","state":"PUBLISHED","assigner":"WPScan","published_at":"2026-07-16 07:16:47","updated_at":"2026-07-16 07:16:47"},"problem_types":["CWE-434 Unrestricted Upload of File with Dangerous Type"],"metrics":[],"references":[{"url":"https://wpscan.com/vulnerability/169d3455-dd98-4b0b-b6c1-6c9c28aa9707/","name":"https://wpscan.com/vulnerability/169d3455-dd98-4b0b-b6c1-6c9c28aa9707/","refsource":"contact@wpscan.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-12684","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12684","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Unknown","product":"Customer Reviews for WooCommerce","version":"affected 5.113.0 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Tom C","lang":"en"},{"source":"CNA","value":"WPScan","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Customer Reviews for WooCommerce","vendor":"Unknown","versions":[{"lessThan":"5.113.0","status":"affected","version":"0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Tom C"},{"lang":"en","type":"coordinator","value":"WPScan"}],"descriptions":[{"lang":"en","value":"The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files (bounded to an image and video allowlist) to the Media Library and create attachment posts, leading to media library pollution and disk space exhaustion."}],"problemTypes":[{"descriptions":[{"description":"CWE-434 Unrestricted Upload of File with Dangerous Type","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-16T06:00:04.102Z","orgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","shortName":"WPScan"},"references":[{"tags":["exploit","vdb-entry","technical-description"],"url":"https://wpscan.com/vulnerability/169d3455-dd98-4b0b-b6c1-6c9c28aa9707/"}],"source":{"discovery":"EXTERNAL"},"title":"Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arbitrary Media Upload via cr_upload_media","x_generator":{"engine":"WPScan CVE Generator"}}},"cveMetadata":{"assignerOrgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","assignerShortName":"WPScan","cveId":"CVE-2026-12684","datePublished":"2026-07-16T06:00:04.102Z","dateReserved":"2026-06-19T07:49:11.659Z","dateUpdated":"2026-07-16T06:00:04.102Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-16 07:16:47","lastModifiedDate":"2026-07-16 07:16:47","problem_types":["CWE-434 Unrestricted Upload of File with Dangerous Type"],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"12684","Ordinal":"1","Title":"Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arb","CVE":"CVE-2026-12684","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"12684","Ordinal":"1","NoteData":"The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files (bounded to an image and video allowlist) to the Media Library and create attachment posts, leading to media library pollution and disk space exhaustion.","Type":"Description","Title":"Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arb"}]}}}