Skip to main content
CVE-2024-9047 CRITICAL POC PATCH THREAT Act Now

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal PHP WordPress File Upload Wordpress File Upload
NVD
CVSS 3.1
9.8
EPSS
92.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy