4 matches found
InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...
CVE-2024-2667
creationtimestamp| type| source ---|---|--- 2025-05-26 22:25:48+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-2667.yaml 2025-05-26 22:25:48+00:00| confirmed|...
VulnCheck KEV: CVE-2024-2667
The InstaWP Connect -- 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...
WordPress InstaWP Connect Plugin <= 0.1.0.22 is vulnerable to Arbitrary File Upload
Software InstaWP Connect Type Plugin Vulnerable versions = 0.1.0.22 Fixed in 0.1.0.23 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-2667 Patch priority High CVSS severity High 10 Developer InstaWP PSID 6dfa02024fd7 Credits AtaTurk1925 Required privilege...