CVE-2024-49658 WordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ecomerciar Woocommerce Custom Profile Picture woo-custom-profile-picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through = 1.0...

CVE-2024-49658 WordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ecomerciar Woocommerce Custom Profile Picture woo-custom-profile-picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through = 1.0...

CVE-2024-49658

CVE-2024-49658 affects the WordPress plugin WooCommerce Custom Profile Picture (versions ≤ 1.0). The vulnerability is an Unrestricted Upload of File with Dangerous Type that can enable an attacker to upload a web shell to the server. Exploitation requires subscriber-level access; the impact is hi...

PT-2024-33609 · Unknown · Ecomerciar Woocommerce Custom Profile Picture

Name of the Vulnerable Software and Affected Versions: Ecomerciar Woocommerce Custom Profile Picture versions 1.0 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For...