2180 matches found
CVE-2024-52400 WordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through 1.01...
CVE-2024-52403 WordPress User Management plugin <= 1.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Saad Iqbal User Management user-management allows Upload a Web Shell to a Web Server.This issue affects User Management: from n/a through = 1.1...
CVE-2024-52403
CVE-2024-52403 concerns the WordPress plugin “User Management” (versions n/a through 1.1). The vulnerability is an Unrestricted Upload of File with Dangerous Type, enabling an attacker with Subscriber privileges to upload arbitrary files (e.g., web shells) to the web server. Public references in ...
CVE-2024-52403 WordPress User Management plugin <= 1.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Saad Iqbal User Management user-management allows Upload a Web Shell to a Web Server.This issue affects User Management: from n/a through = 1.1...
CVE-2024-52405 WordPress B-Banner Slider plugin <= 1.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in bikramjoshii B-Banner Slider b-banner-slider allows Upload a Web Shell to a Web Server.This issue affects B-Banner Slider: from n/a through = 1.1...
CVE-2024-52406 WordPress CSV to html plugin <= 3.04 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Wibergs Web CSV to html allows Upload a Web Shell to a Web Server.This issue affects CSV to html: from n/a through 3.04...
CVE-2024-52406 WordPress CSV to html plugin <= 3.26 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in wibergsweb CSV to html csv-to-html allows Upload a Web Shell to a Web Server.This issue affects CSV to html: from n/a through = 3.26...
CVE-2024-52407 WordPress BasePress Migration Tools plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in BasePress BasePress Migration Tools basepress-migration-tools allows Upload a Web Shell to a Web Server.This issue affects BasePress Migration Tools: from n/a through = 1.0.0...
CVE-2024-52407 WordPress BasePress Migration Tools plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration Tools allows Upload a Web Shell to a Web Server.This issue affects BasePress Migration Tools: from n/a through 1.0.0...
CVE-2024-52407
CVE-2024-52407 (WordPress BasePress Migration Tools) affects BasePress Migration Tools (WordPress plugin) versions
CVE-2024-52408 WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52408 WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52416 WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through = 2.2...
CVE-2024-52416
CVE-2024-52416 affects the WordPress Debug Tool plugin, vulnerable in versions n/a through 2.2 due to missing authorization checks and file type validation, enabling unauthenticated attackers to upload a web shell and potentially achieve remote code execution. The issue is associated with the dbt...
PT-2024-35235 · Unknown · Convert Docx2Post
Name of the Vulnerable Software and Affected Versions: Convert Docx2post versions n/a through 1.4 Description: The issue allows an unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading a malicious file to the...
PT-2024-35242 · WordPress · Wpexperts User Management
Name of the Vulnerable Software and Affected Versions: WPExperts User Management versions n/a through 1.1 Description: The issue allows users to upload files that are dangerous, potentially leading to the uploading of a web shell to a web server. This can be exploited by uploading harmful files,...
PT-2024-35239 · Subhasis Laha · Gallerio
Name of the Vulnerable Software and Affected Versions: Subhasis Laha Gallerio versions n/a through 1.01 Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can lead to potential security risks...
PT-2024-35244 · Unknown · B-Banner Slider
Name of the Vulnerable Software and Affected Versions: B-Banner Slider versions 1.1 and earlier Description: The issue is related to an unrestricted upload of files with dangerous types, allowing an attacker to upload a web shell to a web server. This poses a severe cybersecurity risk...
PT-2024-35256 · Unknown · Eugen Bobrowski Debug Tool
Name of the Vulnerable Software and Affected Versions: Eugen Bobrowski Debug Tool versions n/a through 2.2 Description: The issue is related to a Missing Authorization vulnerability in the Eugen Bobrowski Debug Tool, which allows an attacker to upload a web shell to a web server. Recommendations:...
PT-2024-35237 · Unknown · Clarisse K. Writer Helper
Name of the Vulnerable Software and Affected Versions: Clarisse K. Writer Helper versions 3.1.6 and earlier Description: The issue allows users to upload dangerous files, potentially enabling web server compromise by uploading a web shell. This can be exploited by attackers to gain unauthorized...