CVE-2024-7384 | Acyba AcyMailing Plugin up to 9.7.2 on WordPress acym_extractArchive unrestricted upload

Inserito da Angelo Barbosa | Ago 21, 2024 | CVE

A vulnerability was found in Acyba AcyMailing Plugin up to 9.7.2 on WordPress. It has been declared as critical. Affected by this vulnerability is the function acym_extractArchive. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2024-7384. The attack can be launched remotely. There is no exploit available.

CVE-2024-7384 | Acyba AcyMailing Plugin up to 9.7.2 on WordPress acym_extractArchive unrestricted upload

Post correlati

CVE-2024-31902 | IBM InfoSphere Information Server 11.7 cross-site request forgery (XFDB-289234)

CVE-2024-22549 | FlyCMS 1.0 Email Settings cross site scripting

CVE-2024-4187 | OpenText Filr 24.1.1/24.2 cross site scripting

CVE-2024-36460 | Zabbix up to 5.0.42/6.0.30/6.4.15/7.0.0rc2 Front-end Audit Log credentials storage