Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:37 a.m.9 views

CVE-2024-1468

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaximportoptions function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with...

8.8CVSS7.7AI score0.01161EPSS
Exploits0References1
NVD
NVD
added 2024/02/29 4:15 a.m.22 views

CVE-2024-1468

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaximportoptions function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with...

8.8CVSS8.9AI score0.01161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/29 3:30 a.m.19 views

CVE-2024-1468 Avada | Website Builder For WordPress & WooCommerce <= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaximportoptions function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with...

8.8CVSS8AI score0.01161EPSS
Exploits0References2
CVE
CVE
added 2024/02/29 3:30 a.m.128 views

CVE-2024-1468

The CVE-2024-1468 entry concerns the Avada WordPress theme (

8.8CVSS8.8AI score0.01161EPSS
Exploits0References2Affected Software1
Wordfence Blog
Wordfence Blog
added 2024/02/28 3:38 p.m.45 views

$2,751 Bounty Awarded for Arbitrary File Upload Vulnerability Patched in Avada WordPress Theme

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 6th, 2024, during our second Bug Bounty...

6.5CVSS8AI score0.01161EPSS
Exploits0
Patchstack
Patchstack
added 2024/02/28 12:0 a.m.15 views

WordPress Avada Theme <= 7.11.4 is vulnerable to Arbitrary File Upload

Software Avada Type Theme Vulnerable versions = 7.11.4 Fixed in 7.11.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1468 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 3720cafcf208 Credits Muhammad Zeeshan Xib3rR4dAr Required privilege...

8.8CVSS6.8AI score0.01161EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder