CVE Vulnerabilities

CVE-2024-9422

Published: Nov 22, 2024 | Modified: Jun 09, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.

Affected Software

Name Vendor Start Version End Version
Geo_my_wordpress Geomywp * 4.5 (excluding)
Geo_my_wordpress_premium_settings Geomywp * 3.1 (excluding)

References