Unknown Files Upload Vulnerability Affects WordPress Sites using Insert or Embed Articulate Content into WordPress Plugin
CVE-2024-5630
8.8HIGH
Summary
The Articulate Content Plugin for WordPress prior to version 4.3000000024 is susceptible to an arbitrary file upload vulnerability. This security flaw permits authors to upload potentially harmful files, including PHP shells, directly onto affected WordPress sites. Such unauthorized file uploads can compromise the integrity and security of the site, leading to unauthorized access and execution of malicious scripts. Website administrators are urged to update to the latest version of the plugin to mitigate this risk and protect their platforms from potential exploitation.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published