4 matches found
CVE-2024-9660
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mjsmgtloaddocumetsnew and mjsmgtloaddocumets functions in all versions up to, and including, 91.5.0. This makes it possible for authenticated attacker...
CVE-2024-9660
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mjsmgtloaddocumetsnew and mjsmgtloaddocumets functions in all versions up to, and including, 91.5.0. This makes it possible for authenticated attacker...
CVE-2024-9660
creationtimestamp| type| source ---|---|--- 2024-11-23 07:40:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113531133777202538...
CVE-2024-9660 School Management <= 91.5.0 - Authenticated (Student+) Arbitrary File Upload
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mjsmgtloaddocumetsnew and mjsmgtloaddocumets functions in all versions up to, and including, 91.5.0. This makes it possible for authenticated attacker...