Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/06/08 2:16 a.m.11 views

CVE-2024-58348

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS0.00767EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/08 1:55 a.m.41 views

CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS0.00767EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/08 1:55 a.m.9 views

EUVD-2024-55614

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:55 a.m.6 views

CVE-2024-58348

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/06/08 1:55 a.m.22 views

CVE-2024-58348

Summary: CVE-2024-58348 affects the WordPress Background Image Cropper plugin, version 1.2. An unauthenticated attacker can reach the ups.php endpoint and upload arbitrary files (including PHP scripts), enabling remote code execution on the server. This is a network-accessible issue with low atta...

9.8CVSS6.7AI score0.00767EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/06/08 12:0 a.m.1 views

WordPress plugin Background Image Cropper 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...

9.8CVSS6.8AI score0.00767EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.12 views

PT-2026-47235

Name of the Vulnerable Software and Affected Versions WordPress Background Image Cropper version 1.2 Description An issue allows unauthenticated attackers to upload arbitrary files by accessing the 'ups.php' endpoint. By utilizing the file upload form within the plugin directory, attackers can...

9.8CVSS6.2AI score0.00767EPSS
Exploits0References12
Packet Storm
Packet Stormadded 2024/04/19 12:0 a.m.172 views

WordPress Background Image Cropper 1.2 Shell Upload

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder