6 matches found
CVE-2024-39639
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
CVE-2024-39639
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
CVE-2024-39639
CVE-2024-39639 affects WordPress File Upload plugin (≤4.24.7). Root cause is Broken Access Control, with Patchstack noting CSRF involvement. Impact is reported as low to medium (CVSS 3.5–4.3 range); patched in version 4.24.8. No exploitation status provided in the sources; monitor for updates fro...
CVE-2024-39639 WordPress File Upload plugin <= 4.24.7 - Broken Access Control + CSRF vulnerability
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
CVE-2024-39639 WordPress File Upload plugin <= 4.24.7 - Broken Access Control + CSRF vulnerability
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
WordPress WordPress File Upload Plugin <= 4.24.7 is vulnerable to Broken Access Control
Software WordPress File Upload Type Plugin Vulnerable versions = 4.24.7 Fixed in 4.24.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-39639 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c24820fca545 Credits emad Required privile...