← back
CVE-2024-50473

WordPress Ajar in5 Embed plugin <= 3.1.3 - Arbitrary File Upload vulnerability

CVSS 10 CRITICALEPSS 1.0%CWE-434
Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Ajar Productions · Ajar in5 Embed
public PoCs found1
githubgithub.com/RandomRobbieBF/CVE-2024-504730
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/Wordpress/Plugin/ajar-productions-in5-embed/vulnerability/wordpress-ajar-in5-embed-plugin-3-1-3-arbitrary-file-upload-vulnerability?_s_id=cve