6 matches found
WordPress Temporary Login plugin <= 1.0.0 - Authentication Bypass to Account Takeover vulnerability
Authentication Bypass to Account Takeover vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Temporary Login versions = 1.0.0...
WordPress Advanced File Manager plugin 5.2.12-5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Advanced File Manager versions 5.2.12-5.2.13...
WordPress FileOrganizer plugin <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin FileOrganizer versions = 1.0.9...
WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload
Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...
WordPress File Manager Pro plugin <= 8.3.9 - Unauthenticated Limited JavaScript File Upload vulnerability
Unauthenticated Limited JavaScript File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin File Manager Pro versions = 8.3.9...
WordPress Bit Form plugin <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation to Arbitrary File Read vulnerability
Authenticated Administrator+ Improper Input Validation to Arbitrary File Read vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Bit Form versions = 2.15.2...