CVE-2024-9939 | File Upload Plugin up to 4.24.13 on WordPress wfu_file_downloader.php path traversal

Inserito da Angelo Barbosa | Gen 7, 2025 | CVE

A vulnerability, which was classified as critical, was found in File Upload Plugin up to 4.24.13 on WordPress. Affected is an unknown function of the file wfu_file_downloader.php. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-9939. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-9939 | File Upload Plugin up to 4.24.13 on WordPress wfu_file_downloader.php path traversal

Post correlati

CVE-2024-11115 | Google Chrome up to 130.0.6723.116 on iOS Navigation Remote Code Execution

CVE-2024-4966 | SourceCodester SchoolWebTech 1.0 /improve/home.php image unrestricted upload

CVE-2024-49366 | 0xJacky Nginx-UI up to 2.0.0-beta.35 JSON Field path traversal

CVE-2024-27873 | Apple macOS Video out-of-bounds write