VYPR
Unrated severityNVD Advisory· Published Jul 12, 2024· Updated Aug 1, 2024

Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload

CVE-2024-3112

Description

The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.