CVE-2024-13091
CVE-2024-13091 affects the WPBot Pro WordPress plugin (versions ≤ 13.5.4). The vulnerability stems from missing file-type validation in the qcld_wpcfb_file_upload function, allowing unauthenticated attackers to upload arbitrary files to the server. This could enable remote code execution, especia...