CVE-2024-34411

🗓️ 13 May 2024 08:57:52Reported by PatchstackType

Unrestricted File Upload Vulnerability in canvasio3D Ligh

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress plugin canvasio3D Light 代码问题漏洞	14 May 202400:00	–	cnnvd
Cvelist	CVE-2024-34411 WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability	13 May 202408:57	–	cvelist
EUVD	EUVD-2024-34772	3 Oct 202520:07	–	euvd
NVD	CVE-2024-34411	14 May 202415:38	–	nvd
Patchstack	WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability	6 May 202420:18	–	patchstack
Patchstack	WordPress canvasio3D Light Plugin <= 2.5.0 is vulnerable to Arbitrary File Upload	6 May 202400:00	–	patchstack
Positive Technologies	PT-2024-25863 · Unknown · Canvasio3D Light	13 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-34411	9 Jan 202608:35	–	redhatcve
Vulnrichment	CVE-2024-34411 WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability	13 May 202408:57	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)	16 May 202413:04	–	wordfence

Vulners

Node

thomas_scholl canvasio3d_lightRange≤2.5.0wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "canvasio3d-light",
    "product": "canvasio3D Light",
    "vendor": "Thomas Scholl",
    "versions": [
      {
        "lessThanOrEqual": "2.5.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/canvasio3d-light/wordpress-canvasio3d-light-plugin-2-5-0-arbitrary-file-upload-vulnerability

28 Apr 2026 19:25Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.19.9

EPSS0.0076

SSVC

CWE-434