CVE-2024-6451 | AI Engine Plugin up to 2.5.0 on WordPress File Extension logs_path unrestricted upload

Inserito da Angelo Barbosa | Ago 19, 2024 | CVE

A vulnerability classified as critical was found in AI Engine Plugin up to 2.5.0 on WordPress. This vulnerability affects unknown code of the component File Extension Handler. The manipulation of the argument logs_path leads to unrestricted upload.

This vulnerability was named CVE-2024-6451. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6451 | AI Engine Plugin up to 2.5.0 on WordPress File Extension logs_path unrestricted upload

Post correlati

CVE-2024-0485 | code-projects Fighting Cock Information System 1.0 add_con.php id sql injection

CVE-2023-52059 | Gestsup 3.2.46 Description cross site scripting

CVE-2024-1399 | Restaurant Menu and Food Ordering Plugin up to 2.4.0 on WordPress Shortcode cross site scripting

CVE-2024-43318 | e2pdf Plugin up to 1.25.05 on WordPress cross site scripting