Vulnerabilities > Auto Featured Image Project

DATE CVE VULNERABILITY TITLE RISK
2024-06-27 CVE-2024-6054 Unrestricted Upload of File with Dangerous Type vulnerability in Auto-Featured-Image Project Auto-Featured-Image
The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2.
network
low complexity
auto-featured-image-project CWE-434
8.8