5 matches found
WordPress GutenKit 2.1.0 Arbitrary File Upload Vulnerability
CVE-2024-9234 GutenKit = 2.1.0 - Unauthenticated Arbitrary File Upload Description The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the...
Exploit for CVE-2024-9234
CVE-2024-9234 GutenKit = 2.1.0 - Unauthenticated...
CVE-2024-9234
CVE-2024-9234 – GutenKit WordPress plugin is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API) in all versions up to and including 2.1.0. This allows unauthenticated attackers to inst...
CVE-2024-9234 GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload
The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the installandactivatepluginfromexternal function install-active-plugin REST API endpoint in all versions up to,...
WordPress GutenKit Plugin <= 2.1.0 is vulnerable to Arbitrary File Upload
Software GutenKit Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.1.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9234 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 084e0f3075d0 Credits Sean Murphy Required privilege Unauthenticated...