cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-6319,https://securityvulnerability.io/vulnerability/CVE-2024-6319,Arbitrary File Upload Vulnerability in IMGspider Plugin for WordPress,"The IMGspider plugin for WordPress contains a vulnerability that allows authenticated users with contributor-level permissions and above to upload arbitrary files. This issue arises from insufficient file type validation in the 'upload' function, present in all versions up to and including 2.3.10. Successful exploitation could lead to remote code execution, enabling attackers to compromise the server hosting the vulnerable site. It is crucial for site administrators to review their installations and apply necessary updates to mitigate any potential risks.",Wordpress,Imgspider – 图片采集抓取插件,8.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-07-04T08:32:21.972Z,0
CVE-2024-6318,https://securityvulnerability.io/vulnerability/CVE-2024-6318,Arbitrary File Upload Vulnerability in IMGspider Plugin for WordPress,"The IMGspider plugin for WordPress is susceptible to an arbitrary file upload vulnerability due to inadequate file type validation in the 'upload_img_file' function across all versions up to and including 2.3.10. This vulnerability allows authenticated attackers with contributor-level permissions or higher to upload files of their choice to the server. Such unauthorized file uploads can lead to potential remote code execution, presenting significant security risks to websites utilizing the affected plugin.",Wordpress,Imgspider – 图片采集抓取插件,8.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-07-04T08:32:20.895Z,0