Lucene search
K

5 matches found

GithubExploit
GithubExploit
added 2025/02/02 3:37 p.m.367 views

Exploit for Unrestricted Upload of File with Dangerous Type in Cozmoslabs Profile_Builder

CVE-2024-6366-PoC User Profile Builder = 3.11.7 - Unauthen...

9.1CVSS9.4AI score0.28993EPSS
Exploits2
OSV
OSV
added 2024/07/29 6:15 a.m.4 views

CVE-2024-6366

The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...

9.1CVSS5.8AI score0.28993EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/07/29 6:0 a.m.48 views

CVE-2024-6366 User Profile Builder < 3.11.8 - Unauthenticated Media Upload

The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...

0.28993EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/07/29 6:0 a.m.27 views

CVE-2024-6366 User Profile Builder < 3.11.8 - Unauthenticated Media Upload

The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...

7.1AI score0.28993EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.24 views

WordPress Profile Builder Plugin < 3.11.8 is vulnerable to Broken Access Control

Software Profile Builder Type Plugin Vulnerable versions 3.11.8 Fixed in 3.11.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6366 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 351dbb0efb2f Credits Michel Prunet Required privile...

9.1CVSS6.5AI score0.28993EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder