Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2025/01/12 2:41 a.m.295 views

Exploit for CVE-2024-10586

Vulnerability Information Description The Debug Tool plugin f...

9.8CVSS9.8AI score0.02085EPSS
Exploits2
NVD
NVD
added 2024/11/09 3:15 a.m.23 views

CVE-2024-10586

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...

9.8CVSS0.02085EPSS
Exploits2References2
Circl
Circl
added 2024/11/09 2:39 a.m.30 views

CVE-2024-10586

creationtimestamp| type| source ---|---|--- 2024-11-09 02:39:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113450679777028980 2024-11-09 04:55:27+00:00| seen| https://t.me/cvedetector/10263 2025-07-20 21:02:23+00:00| seen|...

9.8CVSS7.3AI score0.02085EPSS
In wildExploits2References6
Vulnrichment
Vulnrichment
added 2024/11/09 2:32 a.m.16 views

CVE-2024-10586 Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...

9.8CVSS8.1AI score0.02085EPSS
Exploits2References2
CVE
CVE
added 2024/11/09 2:32 a.m.69 views

CVE-2024-10586

CVE-2024-10586 concerns the WordPress plugin Debug Tool, where a missing capability check in dbt_pull_image() and absent file type validation allow unauthenticated file creation (e.g., PHP) in all versions up to 2.2, enabling potential remote code execution. Red Hat’s advisory reiterates the same...

9.8CVSS7.5AI score0.02085EPSS
In wildExploits2References2
Cvelist
Cvelist
added 2024/11/09 2:32 a.m.29 views

CVE-2024-10586 Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...

9.8CVSS0.02085EPSS
Exploits2References2
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.19 views

WordPress Debug Tool Plugin <= 2.2 is vulnerable to Arbitrary File Upload

Software Debug Tool Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-10586 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 9bf09e1be202 Credits Francesco Carlucci Required privilege...

9.8CVSS7.2AI score0.02085EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder