WordPress Tumult Hype Animations Arbitrary File Upload Vulnerability (CVE-2024-11082)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function 2. Vulnerability Description: - Describes an unvalidated file upload vulnerability in Tumult Hype Animations plugin versions up to and including 1.9.15. - This vulnerability allows attackers with author-level permissions to upload arbitrary files to the affected website server, potentially enabling remote code execution. 3. Vulnerability Rating: - CVSS Score: 3.1 - CVSS Score: 9.9 (Critical) 4. Public Release Date: November 27, 2024 5. Last Updated Date: November 28, 2024 6. Researcher: vgo0 7. Vulnerability ID: CVE-2024-11082 8. References: - plugins.trac.wordpress.org - wordpress.org - plugins.trac.wordpress.org - github.com 9. Affected Versions: - Affected Versions: <= 1.9.15 - Fixed Version: 1.9.16 10. Exploitation Details: - Describes detailed exploitation methods, including how to perform arbitrary file upload via the vulnerability. 11. Exploitation Tools: - Describes tools used to exploit the vulnerability for arbitrary file upload. 12. Remediation: - Describes how to fix the vulnerability, including updating to version 1.9.16 or later. 13. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 14. Severity Level: - Describes the severity, including CVSS score and impact scope. 15. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 16. Severity Level: - Describes the severity, including CVSS score and impact scope. 17. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 18. Severity Level: - Describes the severity, including CVSS score and impact scope. 19. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 20. Severity Level: - Describes the severity, including CVSS score and impact scope. 21. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 22. Severity Level: - Describes the severity, including CVSS score and impact scope. 23. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 24. Severity Level: - Describes the severity, including CVSS score and impact scope. 25. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 26. Severity Level: - Describes the severity, including CVSS score and impact scope. 27. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 28. Severity Level: - Describes the severity, including CVSS score and impact scope. 29. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 30. Severity Level: - Describes the severity, including CVSS score and impact scope. 31. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 32. Severity Level: - Describes the severity, including CVSS score and impact scope. 33. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 34. Severity Level: - Describes the severity, including CVSS score and impact scope. 35. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 36. Severity Level: - Describes the severity, including CVSS score and impact scope. 37. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 38. Severity Level: - Describes the severity, including CVSS score and impact scope. 39. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 40. Severity Level: - Describes the severity, including CVSS score and impact scope. 41. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 42. Severity Level: - Describes the severity, including CVSS score and impact scope. 43. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 44. Severity Level: - Describes the severity, including CVSS score and impact scope. 45. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 46. Severity Level: - Describes the severity, including CVSS score and impact scope. 47. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 48. Severity Level: - Describes the severity, including CVSS score and impact scope. 49. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 50. Severity Level: - Describes the severity, including CVSS score and impact scope. 51. Impact Scope: - Describes the scope of impact, including affected versions and fixed versions. 52. Severity Level: - Describes the severity, including CVSS score and impact scope. 53. Impact Scope: - D

Goal Reached Thanks to every supporter — we hit 100%!

WordPress Tumult Hype Animations Arbitrary File Upload Vulnerability (CVE-2024-11082)

More from this source