CVE-2024-7257 | YayExtra Plugin up to 1.3.7 on WordPress handle_upload_file unrestricted upload

Posted by Angelo Barbosa | Aug 3, 2024 | CVE

A vulnerability has been found in YayExtra Plugin up to 1.3.7 on WordPress and classified as critical. This vulnerability affects the function handle_upload_file. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2024-7257. The attack can be initiated remotely. There is no exploit available.

CVE-2024-7257 | YayExtra Plugin up to 1.3.7 on WordPress handle_upload_file unrestricted upload

Related Posts

CVE-2024-22424 | argocd up to 2.7.14/2.8.7/2.9.3/2.10-rc1 Setting cross-site request forgery (ID 2496)

CVE-2023-23349 | Kaspersky Password Manager prior 24.0.0.427 on Windows KPM Extension for Chrome sensitive information in memory

CVE-2024-2381 | AliExpress Dropshipping with AliNext Lite up to 3.3.5 on WordPress unrestricted upload

CVE-2024-1173 | WP ERP Plugin up to 1.13.1 on WordPress sql injection