The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Geomywp
Geomywp geo My Wordpress |
|
CPEs | cpe:2.3:a:geomywp:geo_my_wordpress:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Geomywp
Geomywp geo My Wordpress |
|
Metrics |
cvssV3_1
|
Fri, 22 Nov 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server. | |
Title | GEO My WordPress < 4.5 - Admin+ Arbitrary File Upload | |
References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-11-22T06:00:04.194Z
Updated: 2024-11-22T17:52:16.250Z
Reserved: 2024-10-01T20:26:08.308Z
Link: CVE-2024-9422
Vulnrichment
Updated: 2024-11-22T17:46:09.517Z
NVD
Status : Received
Published: 2024-11-22T06:15:20.370
Modified: 2024-11-22T18:15:18.287
Link: CVE-2024-9422
Redhat
No data.