CVE-2024-50531 WordPress RSVPMaker for Toastmasters plugin <= 6.2.4 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in davidfcarr RSVPMaker for Toastmasters rsvpmaker-for-toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through = 6.2.4...

CVE-2024-50531

The CVE-2024-50531 entry concerns RSVPMaker for Toastmasters (WordPress plugin). Connected sources confirm an Unrestricted Upload of File with Dangerous Type vulnerability in RSVPMaker for Toastmasters, affecting versions up to 6.2.4, with unauthenticated attackers able to upload a web shell to t...

PT-2024-34303

Name of the Vulnerable Software and Affected Versions: Multi Purpose Mail Form versions n/a through 1.0.2 Description: The issue allows users to upload dangerous files, potentially leading to a web server compromise by uploading a web shell. This can happen due to an unrestricted upload of file...

PT-2024-34300 · Unknown · All Post Contact Form

Name of the Vulnerable Software and Affected Versions: All Post Contact Form versions 1.7.3 and earlier Description: The issue affects the All Post Contact Form, allowing an unrestricted upload of files with dangerous types, such as a web shell, to a web server. This enables attackers to compromi...

PT-2024-34302 · Unknown · Woocommerce +1

Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint versions n/a through 2.0.2 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with...

WordPress plugin All Post Contact Form 代码问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

PT-2024-34306 · Unknown · Rudra Innovative Software Training – Courses

Name of the Vulnerable Software and Affected Versions: Rudra Innovative Software Training – Courses versions prior to 2.0.1 Description: The issue allows unauthorized upload of malicious files, specifically a web shell, to a web server. This poses a significant risk to the security of the web...

PT-2024-34308 · Myriad Solutionz · Myriad Solutionz Stars Smtp Mailer

Name of the Vulnerable Software and Affected Versions: Myriad Solutionz Stars SMTP Mailer versions 1.7 and earlier Description: The issue allows an attacker to upload a web shell to a web server, potentially leading to harmful consequences. This is due to an Unrestricted Upload of File with...

CVE-2024-49674

CVE-2024-49674 : WordPress EKC Tournament Manager plugin (versions ≤ 2.2.1) has a Cross-Site Request Forgery (CSRF) vulnerability that allows uploading a web shell to the web server. Exploitation would enable an attacker to place arbitrary files on the server via CSRF, potentially leading to unau...

CVE-2024-49674 WordPress EKC Tournament Manager plugin <= 2.2.1 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in lukashuser EKC Tournament Manager ekc-tournament-manager allows Upload a Web Shell to a Web Server.This issue affects EKC Tournament Manager: from n/a through = 2.2.1...

PT-2024-33626 · Unknown · Ekc Tournament Manager

Name of the Vulnerable Software and Affected Versions: EKC Tournament Manager versions n/a through 2.2.1 Description: A Cross-Site Request Forgery CSRF issue allows attackers to upload a web shell to a web server. This can be exploited by attackers to gain unauthorized access to the server...

WordPress plugin EKC Tournament Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2024-50510

Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through = 6.3...

CVE-2024-50511

Unrestricted Upload of File with Dangerous Type vulnerability in donimedia WP donimedia carousel wp-donimedia-carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through = 1.0.1...

CVE-2024-50510 WordPress AR For Woocommerce plugin <= 6.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through = 6.3...

CVE-2024-50510

CVE-2024-50510 affects the WordPress AR For Woocommerce plugin with affected versions n/a through 6.2. The issue is an unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to the web server. The CVSS vector indicates a critical, unauthenticated, network-ex...

CVE-2024-50510 WordPress AR For Woocommerce plugin <= 6.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through = 6.3...

CVE-2024-50511 WordPress WP donimedia carousel plugin <= 1.0.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in donimedia WP donimedia carousel wp-donimedia-carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through = 1.0.1...

CVE-2024-50511

CVE-2024-50511 affects WordPress WP donimedia carousel plugin versions 1.0.1 and earlier. The vulnerability is an unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to the target server. This corresponds to an Arbitrary File Upload flaw in the plugin, wi...

PT-2024-34287 · WordPress · Wp Donimedia Carousel

Name of the Vulnerable Software and Affected Versions: WP donimedia carousel versions 1.0.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For WP donimedi...