{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T18:13:31.608","vulnerabilities":[{"cve":{"id":"CVE-2026-1306","sourceIdentifier":"security@wordfence.com","published":"2026-02-14T07:16:10.150","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible granted the attacker can obtain a valid nonce. The nonce is exposed in frontend JavaScript making it trivially accessible to unauthenticated attackers."},{"lang":"es","value":"El plugin midi-Synth para WordPress es vulnerable a la carga arbitraria de archivos debido a la falta de validación del tipo de archivo y de la extensión de archivo en la acción AJAX 'export' en todas las versiones hasta la 1.1.0, inclusive. Esto permite a los atacantes no autenticados cargar archivos arbitrarios en el servidor del sitio afectado, lo que podría hacer posible la ejecución remota de código siempre que el atacante pueda obtener un nonce válido. El nonce está expuesto en el JavaScript de frontend, lo que lo hace trivialmente accesible para los atacantes no autenticados."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynth.php#L110","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynth.php#L121","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynthConvert.php#L421","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynthConvert.php#L492","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3460788%40midi-synth&new=3460788%40midi-synth&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d5b695d7-c690-4748-b218-5699d1aa63bf?source=cve","source":"security@wordfence.com"}]}}]}