5 matches found
CVE-2024-6313
The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
CVE-2024-6313
creationtimestamp| type| source ---|---|--- 2024-07-09 10:59:30+00:00| seen| https://t.me/cvedetector/269 2024-08-30 06:52:02+00:00| published-proof-of-concept| https://t.me/codeb0ss/1554 2024-08-31 12:29:12+00:00| published-proof-of-concept|...
CVE-2024-6313
The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
CVE-2024-6313 Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload
The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
WordPress WordPress Form Builder Plugin – Gutenberg Forms Plugin <= 2.2.9 is vulnerable to Arbitrary File Upload
Software WordPress Form Builder Plugin – Gutenberg Forms Type Plugin Vulnerable versions = 2.2.9 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6313 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 6945098cfe6d Credits István Márt...