Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2024/10/07 12:0 a.m.28 views

WordPress Hash Form Plugin <= 1.1.9 is vulnerable to Arbitrary File Upload

Software Hash Form Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9417 Patch priority High CVSS severity High 6.1 Developer Claim ownership PSID 599a3ecad6e0 Credits Rein Daelman trein Required privilege...

6.1CVSS6.9AI score0.00347EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/10/05 10:15 a.m.14 views

CVE-2024-9417

The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to upload files that are...

6.1CVSS0.00347EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/10/05 9:39 a.m.14 views

CVE-2024-9417 Hash Form - Drag & Drop Form Builder <= 1.1.9 - Unauthenticated Limited File Upload

The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to upload files that are...

6.1CVSS6.6AI score0.00347EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/05 9:39 a.m.18 views

CVE-2024-9417 Hash Form - Drag & Drop Form Builder <= 1.1.9 - Unauthenticated Limited File Upload

The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to upload files that are...

6.1CVSS0.00347EPSS
Exploits0References4
Rows per page
Query Builder