CVE-2024-52402

EUVD-2024-46000
Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through <= 1.1.0.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
cliconomicsexclusive_content_password_protect
𝑥
≤ 1.1.0
ADP
Common Weakness Enumeration
References
https://patchstack.com/database/Wordpress/Plugin/exclusive-content-password-protect/vulnerability/wordpress-exclusive-content-password-protect-plugin-1-1-0-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve