CVE-2024-7855 – WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-7855
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/wp-hotel-booking/trunk/includes/class-wphb-comments.php#L150 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3157905%40wp-hotel-booking&new=3157905%40wp-hotel-booking&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/784593ec-b635-4f59-9afb-ab506f786d21?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-9108 – Wechat Social login <= 1.3.0 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-9108
The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convert_remoteimage_to_local' function in versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. El complemento Wechat Social login para WordPress es vulnerable a la carga de archivos arbitrarios debido a una validación insuficiente del tipo de archivo en la función 'convert_remoteimage_to_local' en versiones hasta la 1.3.0 incluida. • https://plugins.trac.wordpress.org/browser/wechat-social-login/trunk/includes/social/class-xh-social-wp-api.php?rev=2111074#L39 https://www.wordfence.com/threat-intel/vulnerabilities/id/06881386-3c92-426b-948d-58e8a8bee624?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-8353 – GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-8353
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. ... The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. • https://github.com/maybeheisenberg/CVE-2024-8353 https://plugins.trac.wordpress.org/browser/give/tags/3.16.0/includes/process-donation.php#L154 https://plugins.trac.wordpress.org/changeset/3149290/give/tags/3.16.1/includes/admin/admin-actions.php https://plugins.trac.wordpress.org/changeset/3149290/give/tags/3.16.1/includes/process-donation.php https://plugins.trac.wordpress.org/changeset/3149290/give/tags/3.16.1/src/Helpers/Utils.php https://plugins.trac.wordpress.org/changeset/3157829 • CWE-502: Deserialization of Untrusted Data •
CVE-2024-8126 – Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-8126
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload a new .htaccess file allowing them to subsequently upload arbitrary files on the affected site's server which may make remote code execution possible. • https://www.wordfence.com/threat-intel/vulnerabilities/id/801d6cde-f9c6-4e68-8bfc-ff8c0593372d?source=cve https://plugins.trac.wordpress.org/browser/file-manager-advanced/trunk/application/class_fma_connector.php?rev=3004748 https://plugins.trac.wordpress.org/changeset/3157713 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-47319 – WordPress Bit Form plugin <= 2.13.10 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-47319
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.13.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/bit-form/wordpress-bit-form-plugin-2-13-10-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •