Geomywp: >> Geo My Wordpress >> 4.0.4 Security Vulnerabilities
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
CVSS Score
6.6
EPSS Score
0.001
Published
2024-11-22
The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.
CVSS Score
9.8
EPSS Score
0.518
Published
2024-08-19