CVE-2024-10586 [CRITICAL] :

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files such as .php files that can be leveraged for remote code execution.

HACKLIDO

community
forum

Unleash your creativity with Hacklido. where content meets connection! Discover a world where you can freely express your ideas and connect with your future biggest fans. With Hacklido, you don't need to build everything from scratch – we provide the platform, and you bring the magic.

Visit Website

Listed: Fri May 31 2024