First published: Wed Dec 18 2024(Updated: )
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.3.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
WPLMS | <1.9.9.5.3 | |
WPLMS | <1.9.9.5.3 |
Update the WordPress WPLMS plugin to the latest available version (at least 1.9.9.5.3).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2024-56050 is considered high due to the potential for an unrestricted file upload leading to the execution of malicious code.
To fix CVE-2024-56050, update the VibeThemes WPLMS plugin to version 1.9.9.5.3 or later.
CVE-2024-56050 affects VibeThemes WPLMS versions prior to 1.9.9.5.3.
Yes, if you are using an affected version of VibeThemes WPLMS, your website is vulnerable to this file upload issue.
An unrestricted file upload vulnerability allows attackers to upload files, such as web shells, that can be executed on the server, posing significant security risks.