CVE-2024-54370

Name of the Vulnerable Software and Affected Versions: SuitePlugins Video & Photo Gallery for Ultimate Member versions n/a through 1.1.0

Description: The issue allows uploading a Web Shell to a web server due to unrestricted file upload with dangerous types. This enables potential attackers to execute malicious code on the server.

Recommendations: For versions n/a through 1.1.0, update to a version that addresses this issue, as the current version allows unrestricted file uploads, posing a significant risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.