| Type | CWE ID | Description |
|---|---|---|
| CWE | CWE-434 | CWE-434 Unrestricted Upload of File with Dangerous Type |
| Version | Base score | Base severity | Vector |
|---|---|---|---|
| 3.1 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CAPEC ID | Description |
|---|
| Event | Date |
|---|---|
| Report received from the security researcher Peng Zhou (Patchstack Alliance). | 2024-03-06 08:16:00 |
| Vendor notified about the vulnerability. | 2024-03-09 12:24:00 |
| WordPress plugins review team notified. | 2024-07-06 07:18:00 |
| Plugin is closed from the public access on the WordPress.org repository due to vulnerability report. | 2024-07-08 02:27:00 |
| Disclosed by Patchstack. | 2024-07-09 04:21:00 |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|