WordPress Plugin Vulnerabilities

Baggage Freight Shipping Australia 0.1.0 - Unauthenticated Arbitrary File Upload

Description

Unrestricted file upload for unauthorised user in package info upload process allowing arbitrary extension.

Affects Plugins

Plugin icon
baggage-freight
No known fix

References

Exploitdb
46061
URL
https://wordpress.org/plugins/baggage-freight/#description

Miscellaneous

Original Researcher
Kaimi
Submitter
Javier Casares
Submitter website
https://www.javiercasares.com/
Submitter twitter
JavierCasares
Verified
No
WPVDB ID
d15aa6b9-8f36-458e-8940-27af4ca048da

Timeline

Publicly Published
2018-12-24 (about 7 years ago)
Added
2019-01-07 (about 7 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2022-11-21
Title
Booking Calendar < 3.2.2 - Unauthenticated Arbitrary File Upload
Published
2020-10-21
Title
SuperStoreFinder Plugins - Unauthenticated Arbitrary File Upload
Published
2015-04-25
Title
WooCommerce Amazon Affiliates - Arbitrary File Upload
Published
2014-08-01
Title
D&elion - Arbitry File Upload
Published
2014-08-01
Title
dagda - Arbitrary File Upload