PT-2024-33623 · Unknown · Ai Postpix
Theviper17 · Published 2024-10-23 · Updated 2024-10-25
CVE-2024-49671
CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
AI Image Generator for Your Content & Featured Images – AI Postpix versions 1.1.8 and earlier
Description
The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. This could lead to further exploitation.
Recommendations
If you run version 1.1.8 or earlier, update to a version that fixes this issue, as unrestricted file upload functionality poses a significant risk. As a temporary workaround, consider restricting or disabling the file upload feature until a patch is available.
Fix
Unrestricted File Upload
Weakness Enumeration
Related Identifiers
Affected Products
Ai Postpix