cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-2024,https://securityvulnerability.io/vulnerability/CVE-2024-2024,Arbitrary File Upload Vulnerability Affects Folders Pro Plugin for WordPress,"The Folders Pro plugin for WordPress has a vulnerability that allows for arbitrary file uploads owing to insufficient file type validation in the 'handle_folders_file_upload' function. This affects all versions up to and including 3.0.2. Authenticated attackers, specifically those with author access or higher, can exploit this vulnerability to upload potentially malicious files to the server hosting the affected site, which could lead to remote code execution. Timely updates and security measures are essential to mitigate the risks posed by this vulnerability.",Wordpress,Folders Pro,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-06-14T12:51:02.731Z,0
CVE-2024-2023,https://securityvulnerability.io/vulnerability/CVE-2024-2023,Arbitrary File Upload Vulnerability in Folders and Folders Pro Plugin,"The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to upload files to arbitrary locations on the server.",Wordpress,"Folders – Unlimited Folders To Organize Media Library Folder, Pages, Posts, File Manager,Folders Pro",4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-06-14T12:50:56.493Z,0