4 matches found
CVE-2024-9939
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory...
CVE-2024-9939
CVE-2024-9939 (WordPress File Upload plugin) is a path traversal vulnerability that affects WordPress File Upload up to version 4.24.13 via wfu_file_downloader.php, enabling unauthenticated attackers to read files outside the intended directory. The issue is confirmed in connected Red Hat and Wor...
CVE-2024-9939 WordPress File Upload <= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.php
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory...
CVE-2024-9939
creationtimestamp| type| source ---|---|--- 2025-01-07 21:01:04+00:00| seen| https://bsky.app/profile/abrahack.bsky.social/post/3lf6k7fj6x22d 2025-01-08 08:34:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113791814054818001 2025-01-08 09:12:49+00:00| published-proof-of-concept|...