cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12209,https://securityvulnerability.io/vulnerability/CVE-2024-12209,Local File Inclusion Vulnerability in WP Umbrella Plugin for WordPress,"CVE-2024-12209 is a critical Local File Inclusion (LFI) vulnerability affecting the WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress, specifically in all versions up to and including 2.17.0. This vulnerability arises from improper handling of the 'filename' parameter within the 'umbrella-restore' action, allowing unauthenticated attackers to include and execute arbitrary files on the server. The exploitation of this vulnerability could lead to serious security issues, including the bypassing of access controls, unauthorized access to sensitive data, and the potential execution of malicious PHP code. As a result, sites using this plugin should be prioritized for security updates to mitigate the risks associated with this vulnerability.",Wordpress,WP Umbrella: Update Backup Restore & Monitoring,9.8,CRITICAL,0.029090000316500664,false,,false,false,true,2024-12-09T20:51:10.000Z,true,false,false,,2024-12-08T05:25:16.114Z,159