CVE-2024-56249

CVSS v3.1

9.1

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Webdeclic WPMasterToolKit versions 1.13.1 and earlier

Description The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to unauthorized upload of malicious files.

Recommendations For versions 1.13.1 and earlier, update to a version later than 1.13.1 to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent potential exploitation.

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2024-56249

Affected Products

Webdeclic Wpmastertoolkit

CVE-2024-56249

Weakness Enumeration

Related Identifiers

Affected Products

References · 6