3 matches found
CVE-2024-9422
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server...
CVE-2024-9422
The GEO my WP WordPress plugin (prior to v4.5) and its companion gmw-premium-settings (prior to v3.1) suffer from insufficient validation of uploaded files, allowing attackers to upload arbitrary files (e.g., PHP) to the server and potentially enable remote attacks. Remediation: update to GEO my ...
CVE-2024-9422 GEO My WordPress < 4.5 - Admin+ Arbitrary File Upload
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server...