Lucene search
K

8 matches found

Patchstack
Patchstack
added 2025/07/31 6:51 p.m.6 views

WordPress Auteur Framework plugin <= 7.1 - Authenticated (Subscriber+) Arbitrary File Upload

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Auteur Framework versions = 7.1...

8.8CVSS8.9AI score0.00595EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/31 6:51 p.m.5 views

WordPress Benaa Framework plugin <= 4.0.0 - Authenticated (Subscriber+) Arbitrary File Upload

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Benaa Framework versions = 4.0.0...

8.8CVSS8.9AI score0.00595EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/31 6:51 p.m.5 views

WordPress April Framework plugin <= 5.1 - Authenticated (Subscriber+) Arbitrary File Upload

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin April Framework versions = 5.1...

8.8CVSS8.8AI score0.00595EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/31 6:51 p.m.6 views

WordPress Beyot Framework plugin <= 6.0.6 - Authenticated (Subscriber+) Arbitrary File Upload

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Beyot Framework versions = 6.0.6...

8.8CVSS8.9AI score0.00595EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/04 3:59 a.m.25 views

CVE-2024-13418

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...

8.8CVSS7.7AI score0.00595EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 4:15 a.m.27 views

CVE-2024-13418

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...

8.8CVSS0.00595EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/02 3:21 a.m.14 views

CVE-2024-13418 Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...

8.8CVSS8.8AI score0.00595EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/02 3:21 a.m.18 views

CVE-2024-13418 Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...

8.8CVSS0.00595EPSS
Exploits0References2
Rows per page
Query Builder