PT-2024-34286 · WordPress · Ean For Woocommerce

Name of the Vulnerable Software and Affected Versions: AR For Woocommerce versions n/a through 6.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For versions n/a through 6.2,...

CVE-2024-50420

Unrestricted Upload of File with Dangerous Type vulnerability in aDirectory aDirectory adirectory allows Upload a Web Shell to a Web Server.This issue affects aDirectory: from n/a through = 1.3...

CVE-2024-50420

CVE-2024-50420 (WordPress aDirectory plugin

CVE-2024-50473 WordPress Ajar in5 Embed plugin <= 3.1.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through = 3.1.3...

CVE-2024-50473

CVE-2024-50473 : Ajar in5 Embed for WordPress is vulnerable to unauthenticated arbitrary file upload up to version 3.1.3 due to missing file-type validation. This unrestricted upload allows placing files (e.g., web shells) on the server (upload path shown in PoC: /wp-content/uploads/2024/php5/). ...

CVE-2024-50493

Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation automatic-translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through = 1.0.4...

CVE-2024-50494

Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce wc-sudan-payment-gateway allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for WooCommerce: from n/a through = 1.2.2...

CVE-2024-50484

Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through = 1.0.2...

CVE-2024-50480

Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n/a through = 1.27.80...

CVE-2024-50482

CVE-2024-50482 (Woocommerce Product Design) affects the WordPress plugin Woocommerce Product Design versions up to and including 1.0.0. The issue is an unauthenticated, unrestricted file upload vulnerability that allows uploading of dangerous file types, enabling an attacker to place arbitrary fi...

CVE-2024-50484

CVE-2024-50484 : Unrestricted Upload of File with Dangerous Type in the WordPress plugin “Multi Purpose Mail Form” (Mahlamusa) allows uploading a web shell to the web server. Affected versions: 1.0.2 and earlier. The CVE entry notes an Arbitrary File Upload issue; the provided documents indicate ...

CVE-2024-50484 WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through = 1.0.2...

CVE-2024-50493 WordPress Automatic Translation plugin <= 1.0.4 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation automatic-translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through = 1.0.4...

CVE-2024-50494

CVE-2024-50494 affects Sudan Payment Gateway for WooCommerce (plugin

CVE-2024-50494 WordPress Sudan Payment Gateway for WooCommerce plugin <= 1.2.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce wc-sudan-payment-gateway allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for WooCommerce: from n/a through = 1.2.2...

PT-2024-34194 · Unknown · Adirectory

Name of the Vulnerable Software and Affected Versions: aDirectory versions n/a through 1.3 Description: The issue allows for the unrestricted upload of files with dangerous types to a web server, potentially enabling the upload of a web shell. This could lead to unauthorized access and control of...

PT-2024-34257 · Azexo · Marketing Automation

Name of the Vulnerable Software and Affected Versions: Marketing Automation by AZEXO versions 1.27.80 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For...

PT-2024-34259 · Unknown · Woocommerce Product Design

Name of the Vulnerable Software and Affected Versions: WooCommerce Product Design versions prior to 1.0.0 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For versions...

PT-2024-34261 · Unknown · Mahlamusa Multi Purpose Mail Form

Name of the Vulnerable Software and Affected Versions: Mahlamusa Multi Purpose Mail Form versions 1.0.2 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For...

CVE-2024-50496

Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through 6.2...