2172 matches found
CVE-2024-52407 WordPress BasePress Migration Tools plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration Tools allows Upload a Web Shell to a Web Server.This issue affects BasePress Migration Tools: from n/a through 1.0.0...
CVE-2024-52407
CVE-2024-52407 (WordPress BasePress Migration Tools) affects BasePress Migration Tools (WordPress plugin) versions
CVE-2024-52408 WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52408 WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52416 WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through = 2.2...
CVE-2024-52416
CVE-2024-52416 affects the WordPress Debug Tool plugin, vulnerable in versions n/a through 2.2 due to missing authorization checks and file type validation, enabling unauthenticated attackers to upload a web shell and potentially achieve remote code execution. The issue is associated with the dbt...
PT-2024-35235 · Unknown · Convert Docx2Post
Name of the Vulnerable Software and Affected Versions: Convert Docx2post versions n/a through 1.4 Description: The issue allows an unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading a malicious file to the...
PT-2024-35239 · Subhasis Laha · Gallerio
Name of the Vulnerable Software and Affected Versions: Subhasis Laha Gallerio versions n/a through 1.01 Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can lead to potential security risks...
PT-2024-35244 · Unknown · B-Banner Slider
Name of the Vulnerable Software and Affected Versions: B-Banner Slider versions 1.1 and earlier Description: The issue is related to an unrestricted upload of files with dangerous types, allowing an attacker to upload a web shell to a web server. This poses a severe cybersecurity risk...
PT-2024-35242 · WordPress · Wpexperts User Management
Name of the Vulnerable Software and Affected Versions: WPExperts User Management versions n/a through 1.1 Description: The issue allows users to upload files that are dangerous, potentially leading to the uploading of a web shell to a web server. This can be exploited by uploading harmful files,...
PT-2024-35256 · Unknown · Eugen Bobrowski Debug Tool
Name of the Vulnerable Software and Affected Versions: Eugen Bobrowski Debug Tool versions n/a through 2.2 Description: The issue is related to a Missing Authorization vulnerability in the Eugen Bobrowski Debug Tool, which allows an attacker to upload a web shell to a web server. Recommendations:...
PT-2024-35237 · Unknown · Clarisse K. Writer Helper
Name of the Vulnerable Software and Affected Versions: Clarisse K. Writer Helper versions 3.1.6 and earlier Description: The issue allows users to upload dangerous files, potentially enabling web server compromise by uploading a web shell. This can be exploited by attackers to gain unauthorized...
PT-2024-35245 · Unknown · Wibergs Web Csv To Html
Name of the Vulnerable Software and Affected Versions: Wibergs Web CSV to html versions n/a through 3.04 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to harmful files being uploaded...
PT-2024-35246 · Unknown · Basepress Migration Tools
Name of the Vulnerable Software and Affected Versions: BasePress Migration Tools versions 1.0.0 and earlier Description: The issue allows an attacker to upload a web shell to a web server by exploiting an Unrestricted Upload of File with Dangerous Type vulnerability in the BasePress Migration...
CVE-2024-52369
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...
CVE-2024-52370
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-support allows Upload a Web Shell to a Web Server.This issue affects Hive Support: from n/a through = 1.1.1...
CVE-2024-52369 WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through = 4.2.2...
CVE-2024-52369
CVE-2024-52369 affects WordPress KBucket plugin versions up to 4.1.6 and is an Unrestricted Upload of File with Dangerous Type vulnerability that allows upload of a web shell to the server. Connected records indicate patched status for KBucket, with fixes in later builds (e.g., 4.2.2+ as per Patc...
CVE-2024-52380
Unrestricted Upload of File with Dangerous Type vulnerability in softpulseinfotech Picsmize picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through = 1.0.0...
CVE-2024-52377
Unrestricted Upload of File with Dangerous Type vulnerability in bdthemes Instant Image Generator ai-image allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through = 1.5.2...