3 matches found
CVE-2024-13091
creationtimestamp| type| source ---|---|--- 2025-01-22 00:48:40+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113869253453487309 2025-01-22 00:55:03+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lgc5ssvbqo2y 2025-01-22 00:55:04+00:00| seen|...
CVE-2024-13091
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...
CVE-2024-13091
CVE-2024-13091 affects the WPBot Pro WordPress plugin (versions ≤ 13.5.4). The vulnerability stems from missing file-type validation in the qcld_wpcfb_file_upload function, allowing unauthenticated attackers to upload arbitrary files to the server. This could enable remote code execution, especia...