CVE-2024-52377

Name of the Vulnerable Software and Affected Versions BdThemes Instant Image Generator versions 1.5.4 and earlier

Description The issue allows an attacker to upload a web shell to a web server due to an Unrestricted Upload of File with Dangerous Type vulnerability. This enables attackers to upload malicious files to a web server.

Recommendations For versions 1.5.4 and earlier, update to a version that fixes this issue, as the current version allows malicious file uploads. As a temporary workaround, consider restricting file uploads to only necessary and safe file types until a patch is available. Restrict access to the Instant Image Generator to minimize the risk of exploitation.