CVE-2024-52398 – WordPress CDI plugin <= 5.5.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52398
This makes it possible for authenticated attackers, with Shop Manager-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/collect-and-deliver-interface-for-woocommerce/wordpress-cdi-plugin-5-5-3-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-52399 – WordPress Writer Helper plugin <= 3.1.6 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52399
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/writer-helper/wordpress-writer-helper-plugin-3-1-6-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-52400 – WordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52400
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/gallerio/wordpress-gallerio-plugin-1-01-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-52403 – WordPress User Management plugin <= 1.1 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52403
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/user-management/wordpress-user-management-plugin-1-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-52404 – WordPress CF7 Reply Manager plugin <= 1.2.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52404
This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/cf7-reply-manager/wordpress-cf7-reply-manager-plugin-1-2-3-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •