2 matches found
CVE-2024-37424
CVE-2024-37424 is an Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks (≤3.0.8) that allows uploading a web shell to the server. Root cause: unrestricted upload of dangerous file types. Impact: high (web shell can grant full control). Status: patched in v...
WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Arbitrary File Upload
Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-37424 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID dd4273e7b78e Credits Rafie Muhammad Patchstack Required...