Lucene search
K

4 matches found

Nuclei
Nuclei
added 8 hours ago71 views

InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS6.2AI score0.05747EPSS
Exploits0References3
Circl
Circl
added 2025/05/26 10:25 p.m.53 views

CVE-2024-2667

creationtimestamp| type| source ---|---|--- 2025-05-26 22:25:48+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-2667.yaml 2025-05-26 22:25:48+00:00| confirmed|...

9.8CVSS9.5AI score0.05747EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/04/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-2667

The InstaWP Connect -- 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS5.9AI score0.05747EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.14 views

WordPress InstaWP Connect Plugin <= 0.1.0.22 is vulnerable to Arbitrary File Upload

Software InstaWP Connect Type Plugin Vulnerable versions = 0.1.0.22 Fixed in 0.1.0.23 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-2667 Patch priority High CVSS severity High 10 Developer InstaWP PSID 6dfa02024fd7 Credits AtaTurk1925 Required privilege...

9.8CVSS7.2AI score0.05747EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder