CVE-2024-13494 | nickboss File Upload Plugin up to 4.25.2 on WordPress wfu_file_details cross-site request forgery

Inserito da Angelo Barbosa | Feb 25, 2025 | CVE

A vulnerability was found in nickboss File Upload Plugin up to 4.25.2 on WordPress. It has been classified as problematic. Affected is the function wfu_file_details. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-13494. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-13494 | nickboss File Upload Plugin up to 4.25.2 on WordPress wfu_file_details cross-site request forgery

Post correlati

CVE-2024-32162 | CMSeasy 7.7.7.9 denial of service

CVE-2024-27782 | Fortinet FortiAIOps 2.0.0 Requests session expiration (FG-IR-24-069)

CVE-2024-9793 | Tenda AC1206 up to 15.03.06.23 /goform/ate ate_iwpriv_set/ate_ifconfig_set command injection

CVE-2024-38734 | SpreadsheetConverter Import Spreadsheets from Microsoft Excel Plugin up to 10.1.4 on WordPress unrestricted upload