CVE-2024-50526
CVE-2024-50526 affects the WordPress plugin Multi Purpose Mail Form (mahlamusa) versions n/a through 1.0.2, due to an unrestricted upload of dangerous file types that can lead to remote code execution. An unauthenticated, pre-authentication 0-click exploit exists (GitHub PoC) and demonstrates arb...