Lucene search
K

115 matches found

Metasploit
Metasploit
added 2024/12/13 6:55 p.m.692 views

WordPress WP Time Capsule Arbitrary File Upload to RCE

This module exploits an arbitrary file upload vulnerability in the WordPress WP Time Capsule plugin versions use exploit/multi/http/wptimecapsulefileuploadrce msf exploitwptimecapsulefileuploadrce show targets ...targets... msf exploitwptimecapsulefileuploadrce set TARGET msf...

9.8CVSS8.3AI score0.93709EPSS
Exploits7
GithubExploit
GithubExploit
added 2024/11/21 4:1 a.m.454 views

Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule

CVE-2024-8856 This tool scans WordPress websites for vulnerab...

9.8CVSS9.8AI score0.93709EPSS
Exploits7
Patchstack
Patchstack
added 2024/11/18 7:31 a.m.9 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Rein Daelman trein in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

9.8CVSS7AI score0.93709EPSS
Exploits7References1Affected Software1
OSV
OSV
added 2024/11/16 5:15 a.m.4 views

CVE-2024-8856

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

9.8CVSS7.9AI score0.93709EPSS
Exploits7References5
NVD
NVD
added 2024/11/16 5:15 a.m.32 views

CVE-2024-8856

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

9.8CVSS0.93709EPSS
Exploits7References5
CNNVD
CNNVD
added 2024/11/16 12:0 a.m.10 views

WordPress plugin Backup and Staging by WP Time Capsule 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

9.8CVSS9.1AI score0.93709EPSS
Exploits7References5
NVD
NVD
added 2024/10/23 4:15 p.m.35 views

CVE-2024-49684

Deserialization of Untrusted Data vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

7.2CVSS0.00516EPSS
Exploits0References1
CVE
CVE
added 2024/10/23 3:13 p.m.59 views

CVE-2024-49684

CVE-2024-49684 refers to a Deserialization of Untrusted Data vulnerability in the WordPress plugin “Backup and Staging by WP Time Capsule” (versions

7.2CVSS5.9AI score0.00516EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/23 3:13 p.m.19 views

CVE-2024-49684 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

7.2CVSS5.9AI score0.00516EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.4 views

WordPress plugin Backup and Staging by WP Time Capsule 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

7.2CVSS7.2AI score0.00516EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.10 views

PT-2024-33637 · Wp Time Capsule · Backup/Staging By Wp Time Capsule

Name of the Vulnerable Software and Affected Versions: Backup and Staging by WP Time Capsule versions 1.22.21 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions 1.22.21 and earlier, update to a version...

7.2CVSS6.8AI score0.00516EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/21 9:27 a.m.4 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

7.2CVSS7.3AI score0.00516EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/10/11 7:15 p.m.19 views

CVE-2024-48020

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows SQL Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

8.5CVSS0.00473EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/11 6:15 p.m.31 views

CVE-2024-48020 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows SQL Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

8.5CVSS0.00473EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/11 6:15 p.m.25 views

CVE-2024-48020 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows SQL Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

8.5CVSS5.6AI score0.00473EPSS
Exploits0References1
CVE
CVE
added 2024/10/11 6:15 p.m.51 views

CVE-2024-48020

CVE-2024-48020 : SQL Injection in Revmakx Backup and Staging by WP Time Capsule (plugin) up to version 1.22.21. Root cause: improper neutralization of input in SQL commands. Impact: high risk of data exposure/alteration via network access (CVSS v3.1 base 8.5). Affected: Backup and Staging by WP T...

8.5CVSS5.9AI score0.00473EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.4 views

WordPress plugin Backup and Staging by WP Time Capsule SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

8.5CVSS7.8AI score0.00473EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.10 views

PT-2024-32937 · Wp Time Capsule · Revmakx Backup/Staging

Name of the Vulnerable Software and Affected Versions: Revmakx Backup and Staging by WP Time Capsule versions 1.22.21 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...

8.5CVSS7.9AI score0.00473EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/10/08 1:17 p.m.4 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

8.5CVSS8.1AI score0.00473EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.19 views

WordPress Backup and Staging by WP Time Capsule Plugin <= 1.22.21 is vulnerable to SQL Injection

Software Backup and Staging by WP Time Capsule Type Plugin Vulnerable versions = 1.22.21 Fixed in 1.22.22 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48020 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 257cfd27ce2c Credits Hakiduck Required...

8.5CVSS7.2AI score0.00473EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder