4 matches found
CVE-2024-27964 WordPress Zippy plugin <= 1.6.9 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9...
CVE-2024-27964 WordPress Zippy plugin <= 1.6.9 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9...
CVE-2024-27964
CVE-2024-27964 affects the Zippy WordPress plugin (Gesundheit Bewegt GmbH) up to version 1.6.9. It is an Unrestricted Upload of File with Dangerous Type vulnerability that requires authenticated access (Editor+). Successful exploitation could allow an attacker to upload arbitrary files, potential...
WordPress Zippy Plugin <= 1.6.9 is vulnerable to Arbitrary File Upload
Software Zippy Type Plugin Vulnerable versions = 1.6.9 Fixed in 1.6.10 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-27964 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID f32b93d01376 Credits stealthcopter Required...