CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-7863

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.3%

CVSS Severity

CVSS v3 Score 6.8

References

https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/

Products affected by CVE-2024-7863

Pixeljar » Favicon Generator » Version: N/A

cpe:2.3:a:pixeljar:favicon_generator:-
Pixeljar » Favicon Generator » Version: 1.1

cpe:2.3:a:pixeljar:favicon_generator:1.1
Pixeljar » Favicon Generator » Version: 1.2

cpe:2.3:a:pixeljar:favicon_generator:1.2
Pixeljar » Favicon Generator » Version: 1.3

cpe:2.3:a:pixeljar:favicon_generator:1.3
Pixeljar » Favicon Generator » Version: 1.4

cpe:2.3:a:pixeljar:favicon_generator:1.4
Pixeljar » Favicon Generator » Version: 1.5

cpe:2.3:a:pixeljar:favicon_generator:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-7863

Products

Pricing

Contact Us