CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7129 – Appointment Booking Calendar < 1.6.7.43 - Admin+ Template Injection to RCE
https://notcve.org/view.php?id=CVE-2024-7129
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injection which further exploited can result to remote code Execution by high privilege such as admins • https://wpscan.com/vulnerability/00ad9b1a-97a5-425f-841e-ea48f72ecda4 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8242 – MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Authenticated (Subscriber+) Limited Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-8242
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_user_profile() function in all versions up to, and including, 4.15.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files (not including PHP files) on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L1053 https://plugins.trac.wordpress.org/changeset/3147900/mstore-api/trunk/controllers/flutter-user.php https://plugins.trac.wordpress.org/changeset/3147900/mstore-api/trunk/functions/index.php https://www.wordfence.com/threat-intel/vulnerabilities/id/fe3834a6-a6f5-4cc7-951e-a6ada6346b07?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7626 – WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read
https://notcve.org/view.php?id=CVE-2024-7626
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in the save_edit_profile_details() function in all versions up to, and including, 1.6.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). • https://www.wordfence.com/threat-intel/vulnerabilities/id/3c98bb53-9f7e-4ab3-9676-e3dbfb4a0519?source=cve https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L260 https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L355 https://plugins.trac.wordpress.org/changeset/3148996/delicious-recipes/trunk/src/dashboard/class-delicious-recipes-form-handler.php • CWE-73: External Control of File Name or Path •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7770 – Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-7770
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://www.wordfence.com/threat-intel/vulnerabilities/id/9cae7702-e531-45b9-9131-42edbc073a07?source=cve https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Http/Controllers/FileManagerController.php#L26 https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinderConnector.class.php#L160 https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinder.class.php#L1210 https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/p • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7620 – Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import
https://notcve.org/view.php?id=CVE-2024-7620
The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/changeset/3144365/customizer-export-import https://www.wordfence.com/threat-intel/vulnerabilities/id/7600e7df-725d-4877-b0bf-5329f814723f?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •