CVE-2024-5084 | hashthemes Hash Form Plugin up to 1.1.0 on WordPress file_upload_action unrestricted upload

Posted by Angelo Barbosa | May 23, 2024 | CVE

A vulnerability was found in hashthemes Hash Form Plugin up to 1.1.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function file_upload_action. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2024-5084. The attack can be launched remotely. There is no exploit available.

CVE-2024-5084 | hashthemes Hash Form Plugin up to 1.1.0 on WordPress file_upload_action unrestricted upload

Related Posts

CVE-2024-36858 | Jan 0.4.12 File /v1/app/writeFileSync unrestricted upload

CVE-2024-35161 | Apache Traffic Server up to 8.1.10/9.2.4 Chunked Trailer Section request smuggling

CVE-2024-29897 | miraheze CreateWiki REST API Special:RequestWikiQueue information disclosure

CVE-2021-4448 | SayenThemes Kaswara Modern VC Addons Plugin up to 3.0.1 on WordPress authorization