CVE-2024-9422
CVSS 3.1 Score 6.6 of 10 (medium)
Details
Published Nov 22, 2024
Summary
CVE-2024-9422 is a vulnerability affecting the GEO my WP and gmw-premium-settings plugins for WordPress. These plugins, before versions 4.5 and 3.1 respectively, fail to adequately validate uploaded files, creating an opportunity for attackers to upload arbitrary files. Successful exploitation could result in the execution of malicious PHP code on the server. WordPress users are advised to update these plugins to the latest versions to mitigate the risk of this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share