7 matches found
Exploit for CVE-2024-10586
Vulnerability Information Description The Debug Tool plugin f...
CVE-2024-10586
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...
CVE-2024-10586
creationtimestamp| type| source ---|---|--- 2024-11-09 02:39:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113450679777028980 2024-11-09 04:55:27+00:00| seen| https://t.me/cvedetector/10263 2025-07-20 21:02:23+00:00| seen|...
CVE-2024-10586 Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...
CVE-2024-10586
CVE-2024-10586 concerns the WordPress plugin Debug Tool, where a missing capability check in dbt_pull_image() and absent file type validation allow unauthenticated file creation (e.g., PHP) in all versions up to 2.2, enabling potential remote code execution. Red Hat’s advisory reiterates the same...
CVE-2024-10586 Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...
WordPress Debug Tool Plugin <= 2.2 is vulnerable to Arbitrary File Upload
Software Debug Tool Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-10586 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 9bf09e1be202 Credits Francesco Carlucci Required privilege...