Unrestricted Upload of File with Dangerous Type Vulnerability
CVE-2024-52476
10CRITICAL
What is CVE-2024-52476?
The vulnerability identified allows for unrestricted file uploads in the Fediverse Embeds plugin created by Stefan Bohacek. This flaw enables attackers to upload files of dangerous types, potentially leading to the deployment of a web shell on the server. As a result, this vulnerability could provide unauthorized access and control over affected systems. The issue impacts versions from n/a through 1.5.3. Users of the Fediverse Embeds plugin should prioritize mitigation measures and consider updating to secure versions.
Affected Version(s)
Fediverse Embeds 0 <= 1.5.3