CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52376 – WordPress Boat Rental Plugin for WordPress plugin <= 1.0.1 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52376
11 Nov 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for WordPress allows Upload a Web Shell to a Web Server.This issue affects Boat Rental Plugin for WordPress: from n/a through 1.0.1. The Boat Rental Plugin for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in a function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affecte... • https://patchstack.com/database/vulnerability/boat-rental-system/wordpress-boat-rental-plugin-for-wordpress-plugin-1-0-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •