Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-31 | CVE-2024-10392 | The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. | 9.8 |
2024-10-29 | CVE-2024-7985 | Unrestricted Upload of File with Dangerous Type vulnerability in Fileorganizer The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in all versions up to, and including, 1.0.9. | 8.8 |
2024-10-28 | CVE-2024-50495 | Unrestricted Upload of File with Dangerous Type vulnerability in Widgilabs Plugin Propagator 0.1 Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1. | 9.8 |
2024-10-28 | CVE-2024-50496 | Unrestricted Upload of File with Dangerous Type vulnerability in Webandprint AR Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through 6.2. | 10.0 |
2024-10-28 | CVE-2024-50623 | Unrestricted Upload of File with Dangerous Type vulnerability in Cleo Harmony, Lexicom and Vltrader In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. | 9.8 |
2024-10-27 | CVE-2024-10420 | Unrestricted Upload of File with Dangerous Type vulnerability in Nurhodelta17 Attendance and Payroll System 1.0 A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. | 9.8 |
2024-10-27 | CVE-2024-10413 | Unrestricted Upload of File with Dangerous Type vulnerability in Janobe Online Hotel Reservation System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. | 9.8 |
2024-10-27 | CVE-2024-10410 | Unrestricted Upload of File with Dangerous Type vulnerability in Janobe Online Hotel Reservation System 1.0 A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. | 7.2 |
2024-10-26 | CVE-2024-9932 | The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. | 9.8 |
2024-10-23 | CVE-2024-10292 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023 A vulnerability was found in ZZCMS 2023 and classified as critical. | 9.8 |