6 matches found
CVE-2024-4345
creationtimestamp| type| source ---|---|--- 2025-03-27 20:15:48+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3llf4jdmeu42l 2025-03-31 14:10:26+00:00| seen| https://t.me/thehackernews/6584 2025-03-31 21:38:56+00:00| seen|...
CVE-2024-4345
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for unauthenticated attacke...
CVE-2024-4345
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for unauthenticated attacke...
CVE-2024-4345
CVE-2024-4345 is an unauthenticated arbitrary file-upload vulnerability in Startklar Elementor Addons for WordPress (up to version 1.7.13). The StartklarDropZoneUploadProcess::process function validates file types insufficiently, allowing attackers to upload arbitrary files to the server and pote...
CVE-2024-4345
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for unauthenticated attacke...
WordPress Startklar Elementor Addons Plugin <= 1.7.13 is vulnerable to Arbitrary File Upload
Software Startklar Elementor Addons Type Plugin Vulnerable versions = 1.7.13 Fixed in 1.7.14 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-4345 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 644cf683da36 Credits István Márton Required...