CVE-2024-13544 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitra…
Medium CVSS: 4.8

CVE-2024-13544

The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
Vendor
Amini7
Product
Zarinpal Paid Download
CWE
CWE-434
Yayın Tarihi
2025-02-11 06:15:19
Güncelleme
2025-02-20 16:11:08
Source Identifier
contact@wpscan.com
KEV Date Added
-

Kategoriler

CWE-434 Zarinpal Paid Download MEDIUM Amini7 2025

Referanslar

https://wpscan.com/vulnerability/91884263-62a7-436e-b19f-682b1aeb37d6/