CVE-2024-13448 | ThemeREX Addons Plugin up to 2.32.3 on WordPress trx_addons_uploads_save_data unrestricted upload

Inserito da Angelo Barbosa | Gen 28, 2025 | CVE

A vulnerability, which was classified as critical, has been found in ThemeREX Addons Plugin up to 2.32.3 on WordPress. This issue affects the function trx_addons_uploads_save_data. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-13448. The attack may be initiated remotely. There is no exploit available.

CVE-2024-13448 | ThemeREX Addons Plugin up to 2.32.3 on WordPress trx_addons_uploads_save_data unrestricted upload

Post correlati

CVE-2024-32353 | Totolink X5000R 9.1.0cu.2350_B20230313 /cgi-bin/cstecgi.cgi setSSServer port command injection

CVE-2024-26132 | Element up to 1.6.11 on Android information disclosure (GHSA-8wj9-cx7h-pvm4)

CVE-2024-3633 | WebP & SVG Support Plugin up to 1.4.0 on WordPress cross site scripting

CVE-2024-47041 | Google Android kernel syscall.c valid_address out-of-bounds