CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50525 – WordPress Helloprint plugin <= 2.0.2 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50525
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/helloprint/wordpress-helloprint-plugin-2-0-2-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-50526 – WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50526
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/hatvix1/CVE-2024-50526-Private-POC https://patchstack.com/database/vulnerability/multi-purpose-mail-form/wordpress-multi-purpose-mail-form-plugin-1-0-2-arbitrary-file-upload-vulnerability-2?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50527 – WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50527
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/stacks-mobile-app-builder/wordpress-stacks-mobile-app-builder-plugin-5-2-3-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50529 – WordPress Training – Courses plugin <= 2.0.1 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50529
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/training/wordpress-training-courses-plugin-2-0-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50530 – WordPress Stars SMTP Mailer plugin <= 1.7 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50530
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/stars-smtp-mailer/wordpress-stars-smtp-mailer-plugin-1-7-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •