CVE-2024-52372

Name of the Vulnerable Software and Affected Versions WebTechGlobal Easy CSV Importer BETA versions n/a through 7.0.0

Description The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This poses a significant risk for web servers.

Recommendations For versions n/a through 7.0.0, consider disabling the file upload feature until a patch is available to prevent the upload of malicious files. Restrict access to the Easy CSV Importer BETA module to minimize the risk of exploitation. Avoid using the feature to upload files from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.