3 matches found
WordPress Big File Uploads Plugin <= 2.1.2 is vulnerable to Full Path Disclosure (FPD)
Software Big File Uploads Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.1.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Full Path Disclosure FPD CVE CVE-2024-8538 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7d70a0318727 Credits netc4t Required privileg...
CVE-2024-8538
creationtimestamp| type| source ---|---|--- 2024-09-07 11:49:19+00:00| seen| https://t.me/cvedetector/5015 2024-09-07 16:30:38+00:00| seen| https://t.me/HackerArsenal/291...
CVE-2024-8538 Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...