midi-Synth

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible granted the attacker can obtain a valid nonce. The nonce is exposed in frontend JavaScript making it trivially accessible to unauthenticated attackers.

AI Analysis

Unauthenticated arbitrary file upload vulnerability in midi-Synth plugin for WordPress due to missing file type and file extension validation

Basic Information

ID CVE-2026-1306

Source Wordfence

Published Feb 14, 2026 at 06:42

Affected Product

Vendor adminkov

Product midi-Synth

Version *

Affected Versions adminkov midi-Synth *

CWE Classification

CWE-434

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor adminkov

Product midi-Synth

Version 1.1.0

References

{
    "lastseen": "",
    "description": "The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible granted the attacker can obtain a valid nonce. The nonce is exposed in frontend JavaScript making it trivially accessible to unauthenticated attackers.",
    "published": "2026-02-14T06:42:34.875Z",
    "modified": "2026-02-14T06:42:34.875Z",
    "type": "cve",
    "title": "midi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload via 'export' AJAX Action",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5b695d7-c690-4748-b218-5699d1aa63bf?source=cve\nhttps://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynthConvert.php#L421\nhttps://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynthConvert.php#L492\nhttps://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynth.php#L121\nhttps://plugins.trac.wordpress.org/browser/midi-synth/tags/1.1.0/midiSynth.php#L110",
    "id": "CVE-2026-1306",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "adminkov midi-Synth *",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "midi-Synth",
    "version": "*",
    "vendor": "adminkov",
    "ai_description": "Unauthenticated arbitrary file upload vulnerability in midi-Synth plugin for WordPress due to missing file type and file extension validation",
    "ai_severity": "Critical",
    "ai_vendor": "adminkov",
    "ai_product": "midi-Synth",
    "ai_version": "1.1.0",
    "ai_score": 9.8
}

midi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload via 'export' AJAX Action_CVE-2026-1306