Falhas do tipo CWE-434

2.805 resultados
CVE-2024-52370CRITICALWordPress Hive Support – WordPress Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin <= 1.1.1 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-50480CRITICALWordPress Marketing Automation by AZEXO plugin <= 1.27.80 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52369CRITICALWordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52384CRITICALWordPress Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation plugin <= 2.4.9 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52405CRITICALWordPress B-Banner Slider plugin <= 1.1 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52400CRITICALWordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52407CRITICALWordPress BasePress Migration Tools plugin <= 1.0.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52399CRITICALWordPress Writer Helper plugin <= 3.1.6 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52408CRITICALWordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2026-1107MEDIUMEyouCMS Member Avatar Diyajax.php check_userinfo unrestricted uploadEPSS 0.5%CVE-2024-49331CRITICALWordPress Property Lot Management System plugin <= 4.2.38 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-27082HIGHAuthenticated Remote Code Execution Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File WriteEPSS 0.5%CVE-2024-52406CRITICALWordPress CSV to html plugin <= 3.26 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52404CRITICALWordPress CF7 Reply Manager plugin <= 1.2.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-3244MEDIUMSourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted uploadEPSS 0.5%CVE-2025-9212HIGHWP Dispatcher <= 1.2.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2023-23937HIGHMissing file upload type validation in pimcore/pimcoreEPSS 0.5%CVE-2024-52397CRITICALWordPress Convert Docx2post plugin <= 1.4 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-52398CRITICALWordPress CDI plugin <= 5.5.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2026-13553MEDIUMitsourcecode Online Hotel Management System controller.php add unrestricted uploadEPSS 0.5%