CVE-2024-9047 - Exploiting Path Traversal in WordPress File Upload Plugin (v4.24.11 and Below)
Published: June 2024
Vulnerability Type: Path Traversal
Component: WordPress File Upload Plugin
Versions Affected: All up to 4.24.11
Attack Vector: Remote, unauthenticated
PHP
CVE-2024-9707 - WordPress Hunk Companion Plugin Exploit – Unauthorized Plugin Activations and the Road to RCE
CVE-2024-9707 is a serious security bug found in the popular Hunk Companion plugin for WordPress. If your website uses this plugin (versions 1.
CVE-2024-9234 - Critical File Upload Vulnerability in GutenKit WordPress Plugin Explained
Published: June, 2024
Introduction
A major security flaw has been found in the popular GutenKit WordPress plugin, officially tracked as CVE-2024-9234. If your
CVE-2024-9463 - Exploiting Command Injection in Palo Alto Networks Expedition to Reveal Root Secrets
In early 2024, a serious vulnerability surfaced in Palo Alto Networks Expedition, the migration and best practice assessment tool for Palo Alto firewalls. Tracked as
CVE-2023-45361 - Uncaught MalformedTitleException in MediaWiki’s Vector Skin Leads to Broken Pages
MediaWiki is the backbone of Wikipedia and countless other wikis across the world. It’s a big, open-source project, always improving—but sometimes, security
Episode
00:00:00
00:00:00