Lucene search
K

4 matches found

OSV
OSV
added 2025/01/08 9:15 a.m.3 views

CVE-2024-9939

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory...

7.5CVSS7.3AI score0.01016EPSS
Exploits0References2
CVE
CVE
added 2025/01/08 8:18 a.m.57 views

CVE-2024-9939

CVE-2024-9939 (WordPress File Upload plugin) is a path traversal vulnerability that affects WordPress File Upload up to version 4.24.13 via wfu_file_downloader.php, enabling unauthenticated attackers to read files outside the intended directory. The issue is confirmed in connected Red Hat and Wor...

7.5CVSS7.4AI score0.01016EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/01/08 8:18 a.m.18 views

CVE-2024-9939 WordPress File Upload <= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.php

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory...

7.5CVSS0.01016EPSS
Exploits0References3
Circl
Circl
added 2025/01/07 9:1 p.m.10 views

CVE-2024-9939

creationtimestamp| type| source ---|---|--- 2025-01-07 21:01:04+00:00| seen| https://bsky.app/profile/abrahack.bsky.social/post/3lf6k7fj6x22d 2025-01-08 08:34:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113791814054818001 2025-01-08 09:12:49+00:00| published-proof-of-concept|...

7.5CVSS7.8AI score0.01016EPSS
Exploits0References8
Rows per page
Query Builder