CVE-2024-9417 – Hash Form - Drag & Drop Form Builder <= 1.1.9 - Unauthenticated Limited File Upload
https://notcve.org/view.php?id=CVE-2024-9417
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to upload files whose extensions appear on neither the 'allowedExtensions' nor the 'unallowed_extensions' array to the affected site's server, including files that may contain cross-site scripting payloads.
References:
https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormUploader.php#L107
https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormUploader.php#L135
https://plugins.trac.wordpress.org/changeset/3161828
https://www.wordfence.com/threat-intel/vulnerabilities/id/cad7731a-1f81-4055-9b49-15b35edd3fcf?source=cve
CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2024-5085 – Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-5085
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input in the 'process_entry' function. This makes it possible for unauthenticated attackers to inject a PHP object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
References:
https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormEntry.php#L353
https://plugins.trac.wordpress.org/changeset/3090341
https://www.wordfence.com/threat-intel/vulnerabilities/id/0166a2b2-24e2-4dd6-8842-d3e8dd7bb0dc?source=cve
CWE-502: Deserialization of Untrusted Data
CVE-2024-5084 – Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-5084
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files to the affected site's server, which may make remote code execution possible.
References:
https://github.com/WOOOOONG/CVE-2024-5084
https://github.com/KTN1990/CVE-2024-5084
https://github.com/Chocapikk/CVE-2024-5084
https://github.com/k3lpi3b4nsh33/CVE-2024-5084
https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormBuilder.php#L764
https://plugins.trac.wordpress.org/changeset/3090341
https://www.wordfence.com/threat-intel/vulnerabilities/id/eef9e2fa-d8f0-42bf-95ac-ee4cafff0b14?source=cve
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/h
CWE-434: Unrestricted Upload of File with Dangerous Type