Unrestricted File Upload Vulnerability in WPLMS by VibeThemes

CVE-2024-56054

What is CVE-2024-56054?

The WPLMS plugin by VibeThemes is susceptible to a vulnerability that allows unrestricted upload of files with potentially dangerous types. This flaw can enable an attacker to upload a web shell to the server, posing significant risks to the security and integrity of the affected application. Administrators using WPLMS versions prior to 1.9.9.5.2 should take immediate action to mitigate this risk and ensure their systems are protected.

References