Unauthorized File Uploads Vulnerability in X Core plugin for WordPress
CVE-2024-7772
9.8CRITICAL
What is CVE-2024-7772?
The Jupiter X Core plugin for WordPress is impacted by a vulnerability that allows unauthenticated attackers to upload arbitrary files due to improper file type validation in its 'validate' function. This flaw affects all versions up to and including 4.6.5. Once exploited, it potentially enables remote code execution on the server hosting the affected site, posing significant security risks.
Affected Version(s)
Jupiter X Core 0 <= 4.6.5