2180 matches found
CVE-2024-52377
CVE-2024-52377 affects BdThemes Instant Image Generator (WordPress plugin) and allows Unrestricted Upload of a Web Shell by uploading dangerous file types. Affected versions are 1.5.4 and earlier; Patchstack reports a fix in 1.5.3, and Wordfence vulnerability listings reference patched/reduced ex...
CVE-2024-52377 WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in bdthemes Instant Image Generator ai-image allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through = 1.5.2...
CVE-2024-52379 WordPress kineticPay for WooCommerce plugin <= 2.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in faizalbahasan kineticPay for WooCommerce kineticpay-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through = 2.0.8...
CVE-2024-52379
CVE-2024-52379 is an Unrestricted Upload of File with Dangerous Type vulnerability in the WordPress plugin kineticPay for WooCommerce by Kinetic Innovative Technologies Sdn Bhd. The issue allows an unauthenticated attacker to upload arbitrary files (including a web shell) to the web server. Affec...
CVE-2024-52379 WordPress kineticPay for WooCommerce plugin <= 2.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in faizalbahasan kineticPay for WooCommerce kineticpay-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through = 2.0.8...
CVE-2024-52380
CVE-2024-52380 pertains to the WordPress plugin Picsmize by Softpulse Infotech. The connected sources confirm an Unrestricted Upload of File with Dangerous Type vulnerability affecting Picsmize versions up to 1.0.0, enabling an attacker to upload a web shell to the target server and potentially a...
CVE-2024-52384
The WordPress plugin Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation is vulnerable to Unrestricted Upload of File with Dangerous Type (CVE-2024-52384) up to version 2.4.9. The issue, caused by unrestricted file uploads, could allow an attacker to upload a web shell to the ...
PT-2024-35213 · Cmsminds · Cmsminds Boat Rental Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: cmsMinds Boat Rental Plugin for WordPress versions 1.0.1 and earlier Description: The issue allows malicious file uploads, posing a risk of web server compromise. This can enable an attacker to upload a web shell to a web server...
PT-2024-35222 · Openai · Openai Gpt-4
Name of the Vulnerable Software and Affected Versions: Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation versions n/a through 2.4.9 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a we...
PT-2024-35216 · Woocommerce · Kineticpay For Woocommerce
Name of the Vulnerable Software and Affected Versions: kineticPay for WooCommerce versions 2.0.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This could compromise sites...
PT-2024-35209 · Webtechglobal · Webtechglobal Easy Csv Importer
Name of the Vulnerable Software and Affected Versions: WebTechGlobal Easy CSV Importer BETA versions n/a through 7.0.0 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This poses a significant...
PT-2024-35207 · WordPress · Hive Support – Wordpress Help Desk
Name of the Vulnerable Software and Affected Versions: Hive Support – WordPress Help Desk versions 1.1.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. This could grant an...
PT-2024-35211 · Unknown · Do That Task
Name of the Vulnerable Software and Affected Versions: Do That Task versions 1.5.5 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the...
PT-2024-35218 · Picsmize · Picsmize
Name of the Vulnerable Software and Affected Versions: Picsmize versions 1.0.0 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to remote code execution. Recommendations: For...
CVE-2024-51793
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair Shop allows Upload a Web Shell to a Web Server.This issue affects Computer Repair Shop: from n/a through 3.8115...
CVE-2024-51793
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair Shop allows Upload a Web Shell to a Web Server.This issue affects Computer Repair Shop: from n/a through 3.8115...
CVE-2024-51793
Unrestricted Upload of File with Dangerous Type vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Upload a Web Shell to a Web Server.This issue affects RepairBuddy: from n/a through = 3.8115...
CVE-2024-51792
Unrestricted Upload of File with Dangerous Type vulnerability in Dang Ngoc Binh Audio Record audio-record allows Upload a Web Shell to a Web Server.This issue affects Audio Record: from n/a through = 1.0...
CVE-2024-51791
Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through 2.8.0...
CVE-2024-51791
Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms forms-by-made-it allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through = 2.8.0...