CVE-2024-4389 | averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress uploadFile unrestricted upload

Posted by Angelo Barbosa | Aug 14, 2024 | CVE

A vulnerability, which was classified as critical, has been found in averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress. This issue affects the function uploadFile. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-4389. The attack may be initiated remotely. There is no exploit available.

CVE-2024-4389 | averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress uploadFile unrestricted upload

Related Posts

CVE-2024-40553 | Tmall Demo 2024.07.03 uploadUserHeadImage unrestricted upload

CVE-2024-41463 | Tenda FH1201 1.2.0.14 ip/goform/addressNat entrys stack-based overflow

CVE-2024-50248 | Linux Kernel up to 6.6.59/6.11.6 ntfs3 mi_enum_attr memory corruption (22cdf3be7d34/809f9b419c75/556bdf27c2dd)

CVE-2024-1779 | Admin Side Data Storage for Contact Form 7 Plugin up to 1.1.1 on WordPress Read Status Update authorization