CVE-2024-51792 – WordPress Audio Record plugin <= 1.0 - Arbitrary File Upload vulnerability

https://notcve.org/view.php?id=CVE-2024-51792

07 Jan 2019 — Unrestricted Upload of File with Dangerous Type vulnerability in Dang Ngoc Binh Audio Record allows Upload a Web Shell to a Web Server.This issue affects Audio Record: from n/a through 1.0. The Audio Record plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the save_record_callback function in versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote co... • https://patchstack.com/database/vulnerability/audio-record/wordpress-audio-record-plugin-1-0-arbitrary-file-upload-vulnerability-2?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •