📄 WordPress Wux Blog Editor 3.0.0 Vulnerability Scanner

This Metasploit auxiliary module scans WordPress sites for the External Post Editor plugin and checks for the unauthenticated file upload vulnerability that exists in version 3.0.0...

Exploit for CVE-2024-9932

CVE-2024-9932 / 0-Click RCE Exploit - Author: Joshua Provoste...

EUVD-2024-50219

Malicious code in bioql PyPI...

CVE-2024-9932

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbtinsertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

Exploit for CVE-2024-9932

CVE-2024-9932-POC Description: The Wux Blog Editor WordPre...

Exploit for CVE-2024-9932

CVE-2024-9932 Wux Blog Editor = 3.0.0 - Unauthenticated Ar...

CVE-2024-9931

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

CVE-2024-9932

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbtinsertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2024-9932

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbtinsertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2024-9932

CVE-2024-9932 affects the WordPress plugin “Wux Blog Editor” up to version 3.0.0. The root cause is inadequate file type validation in the wuxbt_insertImageNew function, enabling unauthenticated users to upload arbitrary files to the server and potentially achieve remote code execution. Publicly ...

CVE-2024-9932 Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbtinsertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2024-9932 Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbtinsertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2024-9931

CVE-2024-9931: Wux Blog Editor for WordPress contains an authentication bypass in versions

CVE-2024-9931 Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

WordPress plugin Wux Blog Editor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Wux Blog Editor 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

PT-2024-39946

Name of the Vulnerable Software and Affected Versions Wux Blog Editor plugin for WordPress versions up to, and including, 3.0.0 Description The issue is related to authentication bypass due to missing validation on the token supplied during autologin through the plugin. This allows unauthenticate...

PT-2024-39947

Name of the Vulnerable Software and Affected Versions Wux Blog Editor plugin for WordPress versions up to and including 3.0.0 Description The Wux Blog Editor plugin for WordPress is susceptible to arbitrary file uploads due to inadequate file type validation within the wuxbt insertImageNew...

WordPress Wux Blog Editor plugin <= 3.0.0 - Authentication Bypass to Administrator vulnerability

Authentication Bypass to Administrator vulnerability discovered by István Márton in WordPress Plugin Wux Blog Editor versions = 3.0.0...

WordPress Wux Blog Editor plugin <= 3.0.0 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin Wux Blog Editor versions = 3.0.0...