CVE-2024-52372

Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server.This issue affects Easy CSV Importer BETA: from n/a through = 7.0.0...

CVE-2024-52373

Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery devexhub-gallery allows Upload a Web Shell to a Web Server.This issue affects Devexhub Gallery: from n/a through = 2.0.1...

CVE-2024-52370

CVE-2024-52370 concerns the WordPress plugin “Hive Support – WordPress Help Desk.” The vulnerability is described as Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a web shell to the web server. Affected versions are Hive Support – WordPress Help Desk up to 1.1.1....

CVE-2024-52372 WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server.This issue affects Easy CSV Importer BETA: from n/a through = 7.0.0...

CVE-2024-52372 WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server.This issue affects Easy CSV Importer BETA: from n/a through = 7.0.0...

CVE-2024-52373

CVE-2024-52373 (WordPress Devexhub Gallery plugin,

CVE-2024-52374

CVE-2024-52374 affects the WordPress Do That Task plugin (versions up to 1.5.5). The vulnerability is Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a Web Shell to the web server. Multiple connected sources reiterate Do That Task ≤1.5.5 as affected and describe an...

CVE-2024-52374 WordPress Do That Task plugin <= 1.5.5 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through 1.5.5...

CVE-2024-52376

CVE-2024-52376 is an Unrestricted/Arbitrary File Upload vulnerability in the WordPress plugin “Boat Rental Plugin for WordPress” (cmsMinds), affecting versions up to 1.0.1. The issue allows uploading a web shell to the web server, representing a critical risk (CVSS v3.1 base score 10.0; NETWORK, ...

CVE-2024-52376 WordPress Boat Rental Plugin for WordPress plugin <= 1.0.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for WordPress allows Upload a Web Shell to a Web Server.This issue affects Boat Rental Plugin for WordPress: from n/a through 1.0.1...

CVE-2024-52377 WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in bdthemes Instant Image Generator ai-image allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through = 1.5.2...

CVE-2024-52377

CVE-2024-52377 affects BdThemes Instant Image Generator (WordPress plugin) and allows Unrestricted Upload of a Web Shell by uploading dangerous file types. Affected versions are 1.5.4 and earlier; Patchstack reports a fix in 1.5.3, and Wordfence vulnerability listings reference patched/reduced ex...

CVE-2024-52379 WordPress kineticPay for WooCommerce plugin <= 2.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in faizalbahasan kineticPay for WooCommerce kineticpay-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through = 2.0.8...

CVE-2024-52379 WordPress kineticPay for WooCommerce plugin <= 2.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in faizalbahasan kineticPay for WooCommerce kineticpay-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through = 2.0.8...

CVE-2024-52379

CVE-2024-52379 is an Unrestricted Upload of File with Dangerous Type vulnerability in the WordPress plugin kineticPay for WooCommerce by Kinetic Innovative Technologies Sdn Bhd. The issue allows an unauthenticated attacker to upload arbitrary files (including a web shell) to the web server. Affec...

CVE-2024-52380

CVE-2024-52380 pertains to the WordPress plugin Picsmize by Softpulse Infotech. The connected sources confirm an Unrestricted Upload of File with Dangerous Type vulnerability affecting Picsmize versions up to 1.0.0, enabling an attacker to upload a web shell to the target server and potentially a...

CVE-2024-52384

The WordPress plugin Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation is vulnerable to Unrestricted Upload of File with Dangerous Type (CVE-2024-52384) up to version 2.4.9. The issue, caused by unrestricted file uploads, could allow an attacker to upload a web shell to the ...

PT-2024-35216 · Woocommerce · Kineticpay For Woocommerce

Name of the Vulnerable Software and Affected Versions: kineticPay for WooCommerce versions 2.0.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This could compromise sites...

PT-2024-35213 · Cmsminds · Cmsminds Boat Rental Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: cmsMinds Boat Rental Plugin for WordPress versions 1.0.1 and earlier Description: The issue allows malicious file uploads, posing a risk of web server compromise. This can enable an attacker to upload a web shell to a web server...

PT-2024-35207 · WordPress · Hive Support – Wordpress Help Desk

Name of the Vulnerable Software and Affected Versions: Hive Support – WordPress Help Desk versions 1.1.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. This could grant an...