Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1
CVE-2024-13707
- EPSS 0.09%
- Veröffentlicht 30.01.2025 14:15:36
- Zuletzt bearbeitet 31.01.2025 18:12:42
The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the gky_image_uploader_main_function() function. This makes it...
9.1
CVE-2024-13720
- EPSS 1.08%
- Veröffentlicht 30.01.2025 14:15:36
- Zuletzt bearbeitet 30.01.2025 18:44:43
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the gky_image_uploader_main_function() function in all versions up to, and including, 1.0.1. This makes it possible for un...
1