Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2024/11/23 7:38 a.m.13 views

CVE-2024-9659 School Management <= 91.5.0 - Unauthenticated Arbitrary File Upload

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mjsmgtuseravatarimageupload function in all versions up to, and including, 91.5.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS8AI score0.01612EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/23 7:38 a.m.18 views

CVE-2024-9659 School Management <= 91.5.0 - Unauthenticated Arbitrary File Upload

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mjsmgtuseravatarimageupload function in all versions up to, and including, 91.5.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS0.01612EPSS
Exploits0References2
CVE
CVE
added 2024/11/23 7:38 a.m.69 views

CVE-2024-9659

CVE-2024-9659 affects School Management System for WordPress (WordPress plugin) up to version 91.5.0, where missing file type validation in mj_smgt_user_avatar_image_upload() allows unauthenticated arbitrary file uploads. The impact is described as potentially enabling remote code execution on th...

9.8CVSS9.9AI score0.01612EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.10 views

WordPress School Management Plugin <= 91.5.0 is vulnerable to Arbitrary File Upload

Software School Management Type Plugin Vulnerable versions = 91.5.0 Fixed in 92.0.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9659 Patch priority High CVSS severity High 10 Developer Claim ownership PSID c5a4715332b9 Credits Tonn Required privilege Unauthenticat...

9.8CVSS6.9AI score0.01612EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder