Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/05/19 3:13 a.m.8 views

WordPress Z-Downloads plugin < 1.11.5 - Admin+ Arbitrary File Upload vulnerability

Admin+ Arbitrary File Upload vulnerability discovered by Minh Giang & Christopher Houk in WordPress Plugin Z-Downloads versions 1.11.5...

7.2CVSS6.9AI score0.00572EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/05/15 8:7 p.m.33 views

CVE-2024-8699

The CVE targets the Z-Downloads WordPress plugin prior to version 1.11.5. Affected component: file upload handling in the plugin. Root cause: uploaded files are not properly validated, enabling high-privilege users (e.g., admins) to upload arbitrary files on the server, including in multisite con...

7.2CVSS6.8AI score0.00572EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.10 views

CVE-2024-8699 Z-Downloads < 1.11.5 - Admin+ Arbitrary File Upload

The Z-Downloads WordPress plugin before 1.11.5 does not properly validate files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

7AI score0.00572EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.16 views

CVE-2024-8699 Z-Downloads < 1.11.5 - Admin+ Arbitrary File Upload

The Z-Downloads WordPress plugin before 1.11.5 does not properly validate files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

0.00572EPSS
Exploits1References1
Rows per page
Query Builder