3 matches found
CVE-2024-39639
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
CVE-2024-39639 WordPress File Upload plugin <= 4.24.7 - Broken Access Control + CSRF vulnerability
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress File Upload: from n/a through 4.24.7...
CVE-2024-39639
CVE-2024-39639 affects WordPress File Upload plugin (≤4.24.7). Root cause is Broken Access Control, with Patchstack noting CSRF involvement. Impact is reported as low to medium (CVSS 3.5–4.3 range); patched in version 4.24.8. No exploitation status provided in the sources; monitor for updates fro...