CVE-2024-7777 – Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary File Read And Deletion
https://notcve.org/view.php?id=CVE-2024-7777
This makes it possible for authenticated attackers, with Administrator-level access and above, to read and delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L829 https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L852 https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L875 https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L898 https://www.wordfence.com/threat-intel/vulnerabilities/id/4deb128d-0163-4a8e-9591-87352f74c3ef?source& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-7782 – Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.4 - Authenticater (Administrator+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2024-7782
This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.0/includes/Admin/AdminAjax.php#L1271 https://www.wordfence.com/threat-intel/vulnerabilities/id/d4da8ead-326f-4c93-b56d-8bfa643d7906?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-5932 – GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-5932
The additional presence of a POP chain allows attackers to execute code remotely, and to delete arbitrary files. The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection (POI) flaw granting an unauthenticated attacker arbitrary code execution. • tab=readme-ov-file https://github.com/0xb0mb3r/CVE-2024-5932-PoC https://github.com/EQSTLab/CVE-2024-5932 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/login-register.php#L235 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/process-donation.php#L420 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/src/DonorDashboards/Tabs/EditProfileTab/AvatarRoute.php#L51 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/tecn • CWE-502: Deserialization of Untrusted Data •
CVE-2022-1206 – AdRotate – Ad manager & AdSense Ads <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2022-1206
This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files with double extensions on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/adrotate/trunk/adrotate-admin-manage.php#L418 https://www.wordfence.com/threat-intel/vulnerabilities/id/9f92219a-e07e-422d-a9f2-dbe4fbcd5f55?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-42815
https://notcve.org/view.php?id=CVE-2024-42815
Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. • https://gist.github.com/XiaoCurry/14d46e0becd79d9bb9907f2fbe147cfe https://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce • CWE-121: Stack-based Buffer Overflow •