Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:52 a.m.7 views

CVE-2024-2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handlefoldersfileupload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS7.7AI score0.03303EPSS
Exploits0References1
NVD
NVD
added 2024/06/14 1:15 p.m.37 views

CVE-2024-2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handlefoldersfileupload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS0.03303EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 12:51 p.m.205 views

CVE-2024-2024 Folders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_upload

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handlefoldersfileupload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS0.03303EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/14 12:0 a.m.16 views

WordPress Folders Pro Plugin <= 3.0.2 is vulnerable to Arbitrary File Upload

Software Folders Pro Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.0.3 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-2024 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 56270bd65a1a Credits Colin Xu Required privilege Author Publish...

8.8CVSS6.8AI score0.03303EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder