Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/03/14 12:0 a.m.17 views

WordPress LearnPress Plugin < 4.1.5 Arbitrary Image Renaming Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

4.3CVSS4.7AI score0.03205EPSS
Exploits5References1
CVE
CVE
added 2022/02/28 9:6 a.m.108 views

CVE-2022-0377

Affected software: WordPress LearnPress plugin prior to version 4.1.5. Vulnerability: An arbitrary image rename during profile avatar handling. After uploading and cropping, a POST contains the user-supplied image name; the server renames the file using an MD5 value, allowing an attacker to renam...

4.3CVSS4.5AI score0.03205EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2022/02/28 9:6 a.m.56 views

CVE-2022-0377 LearnPress < 4.1.5 - Arbitrary Image Renaming

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the...

5AI score0.03205EPSS
Exploits5References3
Packet Storm
Packet Storm
added 2022/02/02 12:0 a.m.296 views

WordPress Learnpress 4.1.4.1 Arbitrary Image Renaming

Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...

4.7AI score0.03205EPSS
Exploits5
0day.today
0day.today
added 2022/02/02 12:0 a.m.270 views

WordPress Learnpress 4.1.4.1 Plugin - Arbitrary Image Renaming Vulnerability

Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested on: Linux CVE:...

4.3CVSS4.7AI score0.03205EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.321 views

WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming

Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...

4.3CVSS5AI score0.03205EPSS
Exploits5
Rows per page
Query Builder