cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-24770,https://securityvulnerability.io/vulnerability/CVE-2021-24770,Stylish Price List < 6.9.1 - Subscriber+ Arbitrary Image Upload,"The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated users, such as subscriber, to upload arbitrary images.",Wordpress,Stylish Price List,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2021-11-01T08:46:18.000Z,0
CVE-2021-24757,https://securityvulnerability.io/vulnerability/CVE-2021-24757,Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload,"The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could allow unauthenticated users to upload images.",Wordpress,Stylish Price List,5.3,MEDIUM,0.001509999972768128,false,,false,false,false,,false,false,2021-11-01T08:46:17.000Z,0