Medium severity6.5NVD Advisory· Published May 15, 2024· Updated Jun 17, 2026
CVE-2024-3748
CVE-2024-3748
Description
The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the user_id to make it appear that a file was uploaded by another user
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=4.71
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/01427cfb-5c51-4524-9b9d-e09a603bc34c/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.