@cve-notifications.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

CVE Sentinel

cve-notifications.bsky.social

did:plc:fmpxu5qaccixyxvvyzsllshl

ID: CVE-2024-12427 CVSS V3.1: MEDIUM The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up to, and including, 1.7.23. This makes it possible... #security #infosec #cve-alert https://nvd.nist.gov/vuln/detail/CVE-2024-12427

2025-01-16T10:15:42.148Z