4 matches found
CVE-2024-3112
The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
CVE-2024-3112 Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload
The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
CVE-2024-3112 Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload
The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
WordPress Quotes And Tips Plugin < 1.45 is vulnerable to Arbitrary File Upload
Software Quotes And Tips Type Plugin Vulnerable versions 1.45 Fixed in 1.45 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-3112 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID a96054a32ac9 Credits Peng Zhou zpbrent Required privilege...