CVE-2024-56054

Name of the Vulnerable Software and Affected Versions WPLMS versions prior to 1.9.9.5.2

Description The issue allows for the upload of a web shell to a web server due to unrestricted file upload with dangerous types. This enables potential attackers to upload malicious files, including web shells, to a web server.

Recommendations For versions prior to 1.9.9.5.2, update to version 1.9.9.5.2 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only necessary and safe file types until a patch is applied. Restrict access to the file upload functionality to minimize the risk of exploitation.