ByteOS Network

NVD Vulnerability Details :

CVE-2024-52429

Analyzed

Source-audit@patchstack.com

Published At-18 Nov, 2024 | 15:15

Updated At-20 Nov, 2024 | 15:28

Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	9.9	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CPE Matches

antonhoelstad>>wp_quick_setup>>Versions up to 2.0(inclusive)

cpe:2.3:a:antonhoelstad:wp_quick_setup:*:*:*:*:*:wordpress:*:*

Weaknesses

CWE ID	Type	Source
CWE-434	Primary	audit@patchstack.com

References

Hyperlink	Source	Resource
https://patchstack.com/database/vulnerability/wp-quick-setup/wordpress-wp-quick-setup-plugin-2-0-arbitrary-plugin-and-theme-installation-to-remote-code-execution-vulnerability?_s_id=cve	audit@patchstack.com	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History