Back

CVE-2024-5807

July 30, 2024, 1:32 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Business Card WordPress plugin

  • through 1.0.0

Source

contact@wpscan.com

Tags

contact@wpscan.com
2024-07-30
CVE-2024-5807

CVE-2024-5807 details

Published : July 30, 2024, 6:15 a.m.
Last Modified : July 30, 2024, 1:32 p.m.

Description

The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configurations.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://wpscan.com/vulnerability/badb16b5-8c06-4170-b605-ea7af8982c1f/ contact@wpscan.com
This website uses the NVD API, but is not approved or certified by it.