Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/06/19 5:37 a.m.204 views

CVE-2024-5853 Image Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File Upload

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirvuploadfilebychanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with...

9.9CVSS0.00787EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/19 5:37 a.m.13 views

CVE-2024-5853 Image Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File Upload

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirvuploadfilebychanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with...

9.9CVSS7.7AI score0.00787EPSS
Exploits0References2
CVE
CVE
added 2024/06/19 5:37 a.m.69 views

CVE-2024-5853

CVE-2024-5853 affects the WordPress plugin Image Optimizer, Resizer and CDN – Sirv. The vulnerability allows an authenticated attacker with Contributor+ privileges to upload arbitrary files due to missing file type validation in the sirv_upload_file_by_chanks AJAX action, potentially enabling rem...

9.9CVSS9.7AI score0.00787EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/18 12:0 a.m.19 views

WordPress Sirv Plugin <= 7.2.6 is vulnerable to Arbitrary File Upload

Software Sirv Type Plugin Vulnerable versions = 7.2.6 Fixed in 7.2.7 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-5853 Patch priority Medium CVSS severity Medium 9.9 Developer Sirv PSID b8d1b016bf81 Credits Lucio Sá Required privilege Contributor Published 18 June,...

9.9CVSS6.8AI score0.00787EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder