VYPR
High severityNVD Advisory· Published Oct 25, 2024· Updated Oct 25, 2024

Plenti arbitrary file write vulnerability

CVE-2024-49380

Description

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/plentico/plentiGo
< 0.7.20.7.2

Affected products

8

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.