CVE-2024-4389 | averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress uploadFile unrestricted upload

Inserito da Angelo Barbosa | Ago 14, 2024 | CVE

A vulnerability, which was classified as critical, has been found in averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress. This issue affects the function uploadFile. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-4389. The attack may be initiated remotely. There is no exploit available.

CVE-2024-4389 | averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress uploadFile unrestricted upload

Post correlati

CVE-2024-37734 | OpenEMR 7.0.2 POST Request noteid Privilege Escalation

CVE-2024-38458 | Xenforo up to 2.2.15 code injection

CVE-2023-51773 | BACnet Stack up to 1.3.1 APDU bacapp.c bacapp_decode_application_data buffer overflow

CVE-2023-48617 | Adobe Experience Manager AEM Cloud Service/6.5.18.0 cross site scripting (APSB23-72)