4 matches found
CVE-2024-2890
creationtimestamp| type| source ---|---|--- 2025-04-08 21:40:13+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lmdgtd73sc2g...
CVE-2024-2890
Unrestricted Upload of File with Dangerous Type vulnerability in Tumult Inc. Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.12...
CVE-2024-2890
CVE-2024-2890 affects the WordPress plugin Tumult Hype Animations up to version 1.9.12. The issue is an Unrestricted Upload of File with Dangerous Type due to insufficient validation in hypeanimations_panel_upload(), allowing authenticated attackers with author-level access to upload arbitrary fi...
WordPress Tumult Hype Animations Plugin <= 1.9.12 is vulnerable to Arbitrary File Upload
Software Tumult Hype Animations Type Plugin Vulnerable versions = 1.9.12 Fixed in 1.9.13 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-2890 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID 406a74eb182d Credits Peng Zhou Required privileg...