Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:30 a.m.7 views

CVE-2024-11082

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS7.7AI score0.01163EPSS
Exploits0References1
NVD
NVD
added 2024/11/28 10:15 a.m.19 views

CVE-2024-11082

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS0.01163EPSS
Exploits0References5
Circl
Circl
added 2024/11/28 9:49 a.m.6 views

CVE-2024-11082

creationtimestamp| type| source ---|---|--- 2024-11-28 09:49:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113559953257552422...

9.9CVSS6.9AI score0.01163EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 9:47 a.m.76 views

CVE-2024-11082

The CVE-2024-11082 entry concerns the Tumult Hype Animations WordPress plugin (versions

9.9CVSS9.7AI score0.01163EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/28 9:47 a.m.16 views

CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS8AI score0.01163EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.15 views

WordPress Tumult Hype Animations Plugin <= 1.9.15 is vulnerable to Arbitrary File Upload

Software Tumult Hype Animations Type Plugin Vulnerable versions = 1.9.15 Fixed in 1.9.16 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-11082 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID 259828d3532b Credits vgo0 Required privilege...

7.2AI score0.01163EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder