Lucene search
K

4 matches found

NVD
NVD
added 2025/02/28 9:15 a.m.10 views

CVE-2024-8425

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.9.2. This makes it possible for...

9.8CVSS0.03858EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/28 8:23 a.m.11 views

CVE-2024-8425 WooCommerce Ultimate Gift Card <= 2.9.2 - Unauthenticated Arbitrary File Upload

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.9.2. This makes it possible for...

9.8CVSS8AI score0.03858EPSS
Exploits1References2
CVE
CVE
added 2025/02/28 8:23 a.m.94 views

CVE-2024-8425

The CVE-2024-8425 entry concerns the WordPress WooCommerce Ultimate Gift Card plugin (versions up to 2.6.0). The root cause is insufficient file type validation in mwb_wgm_preview_mail and mwb_wgm_woocommerce_add_cart_item_data, allowing unauthenticated arbitrary file uploads to the server and po...

9.8CVSS8AI score0.03858EPSS
In wildExploits1References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/02/27 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-8425

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.9.2. This makes it possible for...

9.8CVSS5.9AI score0.03858EPSS
Exploits1References1
Rows per page
Query Builder