Lucene search
PatchstackCVE-2024-25909HistoryFeb 26, 2024 - 4:27 p.m.
CVE-2024-25909
2024-02-2616:27:59
CWE-434
Patchstack
web.nvd.nist.gov
84
cve-2024-25909
unrestricted upload
file upload vulnerability
joomunited
wp media folder
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.
Affected configurations
Node
joomunitedwp_meta_seoRangeβ€5.7.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomunited | wp_meta_seo | * | cpe:2.3:a:joomunited:wp_meta_seo:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WP Media folder",
"vendor": "JoomUnited",
"versions": [
{
"changes": [
{
"at": "5.7.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.7.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
WP Media folder < 5.7.3 - Authenticated (Subscriber+) Arbitrary File Upload
2024-03-22 00:00:00
nvd
nvd
CVE-2024-25909
2024-02-26 16:27:59
cvelist
cvelist
prion
prion
Unrestricted file upload
2024-02-26 16:27:00
vulnrichment
vulnrichment
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-25909