3 matches found
CVE-2024-5080
The wp-eMember WordPress plugin is affected. Versions prior to 10.6.6 do not validate uploaded files, potentially allowing administrators to upload arbitrary files (including PHP) to the server. This is documented across multiple sources (Red Hat, Patchstack, PT-Security, and related CVE records)...
CVE-2024-5080 WP eMember < 10.6.6 - Admin+ Arbitrary File Upload
The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could allow admins to upload arbitrary files such as PHP on the server...
CVE-2024-5080 WP eMember < 10.6.6 - Admin+ Arbitrary File Upload
The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could allow admins to upload arbitrary files such as PHP on the server...