4 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Fileorganizer
CVE-2024-7985-PoC FileOrganizer = 1.0.9 - Authenticated S...
CVE-2024-7985
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...
CVE-2024-7985 FileOrganizer <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File Upload
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...
WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload
Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...