5 matches found
CVE-2024-12209
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute...
CVE-2024-12209
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute...
CVE-2024-12209
creationtimestamp| type| source ---|---|--- 2024-12-08 05:33:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113615570697901377 2024-12-08 07:45:18+00:00| seen| https://t.me/cvedetector/12330 2024-12-08 11:24:46+00:00| seen| https://t.me/CyberBulletin/26733 2024-12-08 11:24:47+00:00|...
CVE-2024-12209
Summary (CVE-2024-12209): WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to 2.17.0 via the umbrella-restore action’s filename parameter. Unauthenticated attackers can include and execute arbitrary server files, enablin...
CVE-2024-12209 WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - Unauthenticated Local File Inclusion
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute...