BerqWP 漏洞列表

共找到 2 个与 BerqWP 相关的漏洞

📅 加载漏洞趋势中...

CVE-2024-43160: BerqWP <= 1.7.6 - Arbitrary File Upload POC

日期: 2025-08-01 | 影响软件: BerqWP

The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /api/store_webp.php file in all versions up to, and including, 1.7.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2024-43160: BerqWP <= 1.7.6 - Arbitrary File Upload POC

日期: 2025-08-01 | 影响软件: BerqWP

The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /api/store_webp.php file in all versions up to, and including, 1.7.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.