CVE-2024-6220

The 简数采集器 Keydatas plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the keydatasdownloadImages function in all versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2024-6220

CVE-2024-6220: WordPress Keydatas plugin (≤ 2.5.2) – Arbitrary file upload . Unauthenticated attackers can upload arbitrary files via missing file-type validation in the keydatas_downloadImages function, potentially enabling remote code execution and full site compromise. Affected product is the ...

EUVD-2024-47354

The 简数采集器 Keydatas plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the keydatasdownloadImages function in all versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

WordPres Keydatas plugin <= 2.5.2 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Keydatas versions = 2.5.2...

PT-2024-37462

Name of the Vulnerable Software and Affected Versions: Keydatas plugin for WordPress versions up to, and including, 2.5.2 Description: The issue is related to arbitrary file uploads due to missing file type validation in the keydatas downloadImages function. This allows unauthenticated attackers ...

WordPress Keydatas Plugin <= 2.5.2 is vulnerable to Arbitrary File Upload

Software Keydatas Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6220 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 1095cb679b31 Credits Foxyyy Required privilege Unauthenticated...