9 matches found
EUVD-2024-47431
Malicious code in bioql PyPI...
CVE-2024-6315
The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions,...
WordPress Blox Page Builder plugin <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload vulnerability
Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin Blox Page Builder versions = 1.0.65...
CVE-2024-6315
The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions,...
CVE-2024-6315 Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload
The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions,...
CVE-2024-6315
CVE-2024-6315 concerns Blox Page Builder for WordPress. The vulnerability stems from missing file-type validation in the handleUploadFile function across versions up to 1.0.65, enabling authenticated users with contributor+ permissions to upload arbitrary files to the server; this could enable re...
PT-2024-37536 · WordPress · Blox Page Builder
Name of the Vulnerable Software and Affected Versions: Blox Page Builder plugin for WordPress versions up to, and including, 1.0.65 Description: The issue is related to missing file type validation in the handleUploadFile function, allowing authenticated attackers with contributor-level and above...
WordPress plugin Blox Page Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Blox Page Builder Plugin <= 1.0.65 is vulnerable to Arbitrary File Upload
Software Blox Page Builder Type Plugin Vulnerable versions = 1.0.65 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6315 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID ffdf8c3e90d1 Credits István Márton Required privilege...