8 matches found
WordPress Auteur Framework plugin <= 7.1 - Authenticated (Subscriber+) Arbitrary File Upload
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Auteur Framework versions = 7.1...
WordPress Benaa Framework plugin <= 4.0.0 - Authenticated (Subscriber+) Arbitrary File Upload
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Benaa Framework versions = 4.0.0...
WordPress April Framework plugin <= 5.1 - Authenticated (Subscriber+) Arbitrary File Upload
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin April Framework versions = 5.1...
WordPress Beyot Framework plugin <= 6.0.6 - Authenticated (Subscriber+) Arbitrary File Upload
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Beyot Framework versions = 6.0.6...
CVE-2024-13418
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...
CVE-2024-13418
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...
CVE-2024-13418 Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...
CVE-2024-13418 Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that c...