CVE-2026-23704 | Six Apart Movable Type 8.4 unrestricted upload

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability was found in Six Apart Movable Type, Movable Type Advanced and Movable Type Premium 8.4 and classified as critical. Impacted is an unknown function. The manipulation results in unrestricted upload. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2026-23704. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-23704 | Six Apart Movable Type 8.4 unrestricted upload

Post correlati

CVE-2024-0824 | Exclusive Addons for Elementor Plugin up to 2.6.8 on WordPress Link Anything cross site scripting

CVE-2024-2890 | Tumult Hype Animations Plugin up to 1.9.12 on WordPress unrestricted upload

CVE-2024-33541 | BetterAddons Better Elementor Addons Plugin up to 1.4.1 on WordPress path traversal

CVE-2024-1501 | Database Reset Plugin up to 3.22 on WordPress WP Reset Plugin Installation cross-site request forgery