Posts Tagged ‘file upload vulnerability’
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability – Unauthenticated Sensitive Information Exposure – CVE-2024-4266 | WordPress Plugin Vulnerability Report
Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author: xpeedstudio Software Downloads: 3,830,788 Active Installs: 300,000 Last Updated: June 20, 2024 Patched Versions: 3.8.9 Affected Versions: <= 3.8.8 Vulnerability Details: Name: MetForm – Contact Form, Survey, Quiz,…
Read MoreDrag and Drop Multiple File Upload Vulnerability – Contact Form 7 – Sensitive Information Exposure – CVE-2024-3717 | WordPress Plugin Vulnerability Report
Plugin Name: Drag and Drop Multiple File Upload – Contact Form 7 Key Information: Software Type: Plugin Software Slug: drag-and-drop-multiple-file-upload-contact-form-7 Software Status: Active Software Author: glenwpcoder Software Downloads: 717,544 Active Installs: 60,000 Last Updated: May 10, 2024 Patched Versions: 1.3.7.8 Affected Versions: <= 1.3.7.7 Vulnerability Details: Name: Drag and Drop Multiple File Upload – Contact…
Read MoreAI Engine Vulnerability – Authenticated(Editor+) Arbitrary File Upload via add_image_from_url – CVE-2024-0699 | WordPress Plugin Vulnerability Report
Plugin Name: AI Engine Key Information: Software Type: Plugin Software Slug: ai-engine Software Status: Active Software Author: tigroumeow Software Downloads: 1,716,148 Active Installs: 50,000 Last Updated: January 18, 2024 Patched Versions: 2.1.5 Affected Versions: <= 2.1.4 Vulnerability Details: Name: AI Engine <= 2.1.4 – Authenticated(Editor+) Arbitrary File Upload via add_image_from_url Title: Authenticated(Editor+) Arbitrary File Upload via add_image_from_url Type: Unrestricted Upload of File with Dangerous Type CVE: CVE-2024-0699 CVSS…
Read MoreWordPress Plugin Vulnerability Report – Paid Memberships Pro – Authenticated (Subscriber+) Arbitrary File Upload – CVE-2023-6187
Plugin Name: Paid Memberships Pro Key Information: Software Type: Plugin Software Slug: paid-memberships-pro Software Status: Active Software Author: strangerstudios Software Downloads: 5,334,391 Active Installs: 90,000 Last Updated: November 16, 2023 Patched Versions: 2.12.4 Affected Versions: <= 2.12.3 Vulnerability Details: Name: Paid Memberships Pro <= 2.12.3 – Authenticated (Subscriber+) Arbitrary File Upload Title: Authenticated (Subscriber+) Arbitrary File Upload Type: Unrestricted Upload of File with Dangerous Type CVE: CVE-2023-6187 CVSS…
Read More