Lucene search
K

4 matches found

GithubExploit
GithubExploit
added 2025/02/15 10:57 p.m.505 views

Exploit for Unrestricted Upload of File with Dangerous Type in Fileorganizer

CVE-2024-7985-PoC FileOrganizer = 1.0.9 - Authenticated S...

8.8CVSS8.2AI score0.02235EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 11:51 a.m.13 views

CVE-2024-7985

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...

8.8CVSS7.6AI score0.02235EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/29 3:31 p.m.14 views

CVE-2024-7985 FileOrganizer <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File Upload

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...

7.5CVSS7.7AI score0.02235EPSS
Exploits1References3
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.20 views

WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload

Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...

8.8CVSS6.8AI score0.02235EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder