CVE-2024-49674

CVE-2024-49674 : WordPress EKC Tournament Manager plugin (versions ≤ 2.2.1) has a Cross-Site Request Forgery (CSRF) vulnerability that allows uploading a web shell to the web server. Exploitation would enable an attacker to place arbitrary files on the server via CSRF, potentially leading to unau...

CVE-2024-49674 WordPress EKC Tournament Manager plugin <= 2.2.1 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in lukashuser EKC Tournament Manager ekc-tournament-manager allows Upload a Web Shell to a Web Server.This issue affects EKC Tournament Manager: from n/a through = 2.2.1...