Lucene search
PatchstackCVELIST:CVE-2024-31286HistoryApr 07, 2024 - 5:30 p.m.
CVE-2024-31286 WordPress WP Photo Album Plus plugin < 8.6.03.005 - Arbitrary File Upload vulnerability
2024-04-0717:30:50
CWE-434
Patchstack
www.cve.org
11
wordpress
photo album plus
arbitrary file upload
unrestricted upload
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0
Percentile
9.0%
Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-photo-album-plus",
"product": "WP Photo Album Plus",
"vendor": "J.N. Breetvelt a.k.a. OpaJaap",
"versions": [
{
"changes": [
{
"at": "8.6.03.005",
"status": "unaffected"
}
],
"lessThan": "8.6.03.005",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
cve
cve
CVE-2024-31286
2024-04-07 18:15:11
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-31286
2024-04-07 18:15:11
wordfence
wordfence
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-31286