5 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Cozmoslabs Profile_Builder
CVE-2024-6366-PoC User Profile Builder = 3.11.7 - Unauthen...
CVE-2024-6366
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...
CVE-2024-6366 User Profile Builder < 3.11.8 - Unauthenticated Media Upload
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...
CVE-2024-6366 User Profile Builder < 3.11.8 - Unauthenticated Media Upload
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...
WordPress Profile Builder Plugin < 3.11.8 is vulnerable to Broken Access Control
Software Profile Builder Type Plugin Vulnerable versions 3.11.8 Fixed in 3.11.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6366 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 351dbb0efb2f Credits Michel Prunet Required privile...