Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/04 11:55 p.m.5 views

CVE-2024-13333

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fmalocalfilesystem' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5CVSS7.6AI score0.00879EPSS
Exploits0References1
nvd
nvd
added 2025/01/17 6:15 a.m.17 views

CVE-2024-13333

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fmalocalfilesystem' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5CVSS0.00879EPSS
Exploits0References3
circl
circl
added 2025/01/17 5:36 a.m.7 views

CVE-2024-13333

creationtimestamp| type| source ---|---|--- 2025-01-17 05:36:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113842072385666285 2025-01-17 05:56:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2098 2025-01-17 06:15:33+00:00| seen|...

7.5CVSS7.3AI score0.00879EPSS
Exploits0References5
cve
cve
added 2025/01/17 5:29 a.m.50 views

CVE-2024-13333

CVE-2024-13333 affects the WordPress plugin Advanced File Manager (versions 5.2.12–5.2.13). It enables authenticated users with Subscriber-level access (and any admin-granted upload permission) to upload arbitrary files due to missing file type validation in fma_local_file_system, with exploitati...

7.5CVSS7.8AI score0.00879EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2025/01/17 5:29 a.m.22 views

CVE-2024-13333 Advanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fmalocalfilesystem' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5CVSS0.00879EPSS
Exploits0References3
Rows per page
Query Builder