17 matches found
CVE-2024-8538
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due to the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...
CVE-2023-47792
Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions...
CVE-2022-42029
Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory...
WordPress Big File Uploads plugin <= 2.1.2 - Authenticated (Author+) Full Path Disclosure vulnerability
Authenticated (Author+) Full Path Disclosure vulnerability discovered by netc4t in WordPress Plugin Big File Uploads versions <= 2.1.2...
WordPress Big File Uploads Plugin <= 2.1.2 is vulnerable to Full Path Disclosure (FPD)
Software: Big File Uploads; Type: Plugin; Vulnerable versions: <= 2.1.2; Fixed in: 2.1.3; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Full Path Disclosure (FPD); CVE: CVE-2024-8538; Patch priority: Low; CVSS severity: Low (4.3); PSID: 7d70a0318727; Credits: netc4t; Required privileg...
CVE-2024-8538
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due to the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...
CVE-2024-8538 Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due to the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...
CVE-2024-8538 Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due to the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...
WordPress plugin Big File Uploads Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
Big File Uploads < 2.1.2 - Cross-Site Request Forgery via actions
Description The Big File Uploads plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the actions function. This makes it possible for unauthenticated attackers to dismiss or delay admin...
CVE-2023-47792
Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions...
CVE-2023-47792
Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions...
CVE-2023-47792
CVE-2023-47792 is a CSRF vulnerability in the WordPress plugin Infinite Uploads Big File Uploads – Increase Maximum File Upload Size (versions ≤ 2.1.1). The issue is due to insufficient CSRF protections on actions, enabling unauthenticated exploitation to trigger state-changing requests. CVSS v3....
WordPress Plugin Big File Uploads Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Big File Uploads - Increas...
WordPress Big File Uploads Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Big File Uploads; Type: Plugin; Vulnerable versions: <= 2.1.1; Fixed in: 2.1.2; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-47792; Patch priority: Low; CVSS severity: Low (4.3); PSID: 3f74fe7bd86f; Credits: Abdi Pranata...
CVE-2022-42029
Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory...