Lucene search
K

9 matches found

Nuclei
Nuclei
added 2026/06/28 3:8 p.m.55 views

WP Time Capsule Plugin - Remote Code Execution

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

9.8CVSS8AI score0.93709EPSS
Exploits7References6
Packet Storm
Packet Storm
added 2025/04/07 12:0 a.m.297 views

📄 WordPress Backup and Staging 1.21.16 Shell Upload

WordPress Backup and Staging plugin versions 1.21.16 and below suffer from a remote shell upload vulnerability. Exploit Title: WordPress Backup and Staging Plugin ≤ 1.21.16 - Arbitrary File Upload to RCE Original Author: Patchstack hypothetical Exploit Author: Al Baradi Joy Exploit Date: April 5,...

9.8CVSS9.4AI score0.93709EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/04/06 12:0 a.m.263 views

Backup and Staging by WP Time Capsule 1.22.21 - Unauthenticated Arbitrary File Upload

Exploit Title: WordPress Backup and Staging Plugin ≤ 1.21.16 - Arbitrary File Upload to RCE Original Author: Patchstack hypothetical Exploit Author: Al Baradi Joy Exploit Date: April 5, 2025 Vendor Homepage: https://wp-timecapsule.com/ Software Link: https://wordpress.org/plugins/wp-time-capsule/...

9.8CVSS7.4AI score0.93709EPSS
Exploits7
Packet Storm
Packet Storm
added 2025/03/11 12:0 a.m.274 views

WP Time Capsule 1.22.21 Shell Upload

WordPress WP Time Capsule plugin version 1.22.21 remote shell upload proof of concept exploit that takes advantage of a flaw discovered in 2024 by Rein Daelman...

9.8CVSS7.1AI score0.93709EPSS
Exploits7
Metasploit
Metasploit
added 2024/12/13 6:55 p.m.692 views

WordPress WP Time Capsule Arbitrary File Upload to RCE

This module exploits an arbitrary file upload vulnerability in the WordPress WP Time Capsule plugin versions use exploit/multi/http/wptimecapsulefileuploadrce msf exploitwptimecapsulefileuploadrce show targets ...targets... msf exploitwptimecapsulefileuploadrce set TARGET msf...

9.8CVSS8.3AI score0.93709EPSS
Exploits7
GithubExploit
GithubExploit
added 2024/11/21 4:1 a.m.455 views

Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule

CVE-2024-8856 This tool scans WordPress websites for vulnerab...

9.8CVSS9.8AI score0.93709EPSS
Exploits7
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.27 views

WordPress Backup and Staging by WP Time Capsule Plugin <= 1.22.21 is vulnerable to Arbitrary File Upload

Software Backup and Staging by WP Time Capsule Type Plugin Vulnerable versions = 1.22.21 Fixed in 1.22.22 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8856 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 3a293a6ce154 Credits Rein Daelman...

9.8CVSS6.9AI score0.93709EPSS
Exploits7References3Affected Software1
Circl
Circl
added 2024/11/16 6:52 a.m.20 views

CVE-2024-8856

creationtimestamp| type| source ---|---|--- 2024-11-16 06:52:51+00:00| seen| https://t.me/cvedetector/11225 2024-11-17 06:17:37+00:00| seen| https://t.me/CyberBulletin/26463 2024-11-17 06:17:37+00:00| seen| https://t.me/CyberBulletin/1490 2024-11-22 10:05:08+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.93709EPSS
In wildExploits7References13
Vulnrichment
Vulnrichment
added 2024/11/16 4:29 a.m.16 views

CVE-2024-8856 Backup and Staging by WP Time Capsule <= 1.22.21 - Unauthenticated Arbitrary File Upload

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

9.8CVSS8AI score0.93709EPSS
Exploits7References5
Rows per page
Query Builder