CVE-2024-52429
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 434
Summary
CVE-2024-52429 is a new vulnerability affecting Anton Hoelstad's WP Quick Setup plugin. Hackers can exploit this Unrestricted File Upload vulnerability to upload a web shell to a web server, gaining unauthorized access and control. This issue puts all versions of WP Quick Setup from n/a to 2.0 at risk. Successful exploitation could lead to serious security consequences, including data theft, website defacement, or even complete site takeover. Users are urged to update their plugins as soon as a patch becomes available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share