Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.8 views

CVE-2021-24757

The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spluploadserimg AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload images...

5.3CVSS6.7AI score0.0102EPSS
Exploits2References1
NVD
NVD
added 2021/11/01 9:15 a.m.15 views

CVE-2021-24757

The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spluploadserimg AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload images...

5.3CVSS0.0102EPSS
Exploits2References1
CVE
CVE
added 2021/11/01 8:46 a.m.52 views

CVE-2021-24757

CVE-2021-24757 affects the WordPress plugin Stylish Price List (versions prior to 6.9.0). The root cause is missing capability checks in the spl_upload_ser_img AJAX action, making image uploads possible by unauthenticated users. This could lead to arbitrary image upload and potential misuse on af...

5.3CVSS5.2AI score0.0102EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/11/01 8:46 a.m.18 views

CVE-2021-24757 Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload

The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spluploadserimg AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload images...

5.6AI score0.0102EPSS
Exploits2References1
Rows per page
Query Builder