CVE-2024-54262 WordPress Import Export For WooCommerce plugin <= 1.6.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through = 1.6.2...

PT-2024-36143 · Woocommerce · Import Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Import Export For WooCommerce versions 1.5 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation...

CVE-2024-53811

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through = 1.0.40...

CVE-2024-54214 WordPress Revy plugin <= 1.18 - Unauthenticated Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Roninwp Revy allows Upload a Web Shell to a Web Server.This issue affects Revy: from n/a through 1.18...

CVE-2024-54214

CVE-2024-54214 describes an unrestricted/unauthenticated upload of files with dangerous types in the WordPress Revy plugin (versions &lt;= 1.18). The vulnerability enables uploading a web shell to the web server, with CVSSv3.1 score reported as 10.0 (critical). Public references in connected docs...

CVE-2024-53811

CVE-2024-53811 describes an Unrestricted Upload of File with Dangerous Type in the WordPress WDesignkit plugin (versions up to and including 1.0.40), enabling an attacker to upload a Web Shell to the web server. Affected software: WDesignkit (POSIMYTH) up to 1.0.40. Reported impact is unauthentic...

CVE-2024-53811 WordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through = 1.0.40...

PT-2024-36092 · Revy · Revy

Name of the Vulnerable Software and Affected Versions: Revy versions 1.1 through 1.18 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential takeover o...

PT-2024-35926 · Unknown · Wdesignkit

Name of the Vulnerable Software and Affected Versions: WDesignkit versions 1.0.0 through 1.0.40 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the...

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

CVE-2023-4220-exploit Carga de archivos sin restricciones en...

VulnCheck KEV: CVE-2023-4220

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell...

CVE-2024-52476

Unrestricted Upload of File with Dangerous Type vulnerability in Stefan Bohacek Fediverse Embeds fediverse-embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through = 1.5.3...

CVE-2024-52476

CVE-2024-52476 describes an Unrestricted Upload of File with Dangerous Type in the WordPress plugin Fediverse Embeds (versions

CVE-2024-52476 WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Stefan Bohacek Fediverse Embeds fediverse-embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through = 1.5.3...

CVE-2024-52490

CVE-2024-52490 affects the WordPress Pathomation plugin (versions

CVE-2024-52490 WordPress Pathomation plugin <= 2.5.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in pathomation Pathomation pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through = 2.5.1...

PT-2024-35331 · Unknown · Pathomation

Name of the Vulnerable Software and Affected Versions: Pathomation versions n/a through 2.5.1 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading harmful files...

CVE-2024-52401

Cross-Site Request Forgery CSRF vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through = 2.1.4...

CVE-2024-52402

Cross-Site Request Forgery CSRF vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through = 1.1.0...

CVE-2024-52401 WordPress Hacklog DownloadManager plugin <=2.1.4 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4...