cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11082,https://securityvulnerability.io/vulnerability/CVE-2024-11082,Arbitrary File Upload Vulnerability in Tumult Hype Animations Plugin for WordPress,"The Tumult Hype Animations plugin for WordPress presents a significant security vulnerability due to insufficient file type validation in the hypeanimations_panel() function. This flaw affects all versions up to and including 1.9.15, allowing authenticated attackers with Author-level access or higher to upload arbitrary files to the server hosting the affected WordPress site. The implications of this vulnerability include the potential for remote code execution, posing a severe threat to the security and integrity of the web application.",Wordpress,Tumult Hype Animations,9.9,CRITICAL,0.00044999999227002263,false,,false,false,false,,false,false,2024-11-28T09:47:12.805Z,0
CVE-2024-10543,https://securityvulnerability.io/vulnerability/CVE-2024-10543,Unauthorized Access to Data in Hype Animations Plugin for WordPress,"The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve animation information.",Wordpress,Tumult Hype Animations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-11-06T06:43:31.411Z,0