5 matches found
CVE-2024-35744
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0...
CVE-2024-35744 WordPress Upunzipper plugin <= 1.0.0 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0...
CVE-2024-35744
CVE-2024-35744 describes an improper limitation of a pathname to a restricted directory (path traversal) in Upunzipper for WordPress, affecting Upunzipper versions from n/a through 1.0.0. The NVD Base Score is 6.5 (Medium) with I/H and A/H; Patchstack CNA lists a separate base score of 8.6 (High)...
CVE-2024-35744 WordPress Upunzipper plugin <= 1.0.0 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0...
WordPress Upunzipper Plugin <= 1.0.0 is vulnerable to Arbitrary File Deletion
Software Upunzipper Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Deletion CVE CVE-2024-35744 Patch priority Low CVSS severity Low 8.6 Developer Claim ownership PSID 20a11d86aa33 Credits YCInfosec Required privilege...