CVE-2024-4442
published 2024-05-21CVE-2024-4442: The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not…
PriorityP260critical9.1CVSS 3.1
AVNACLPRNUINSUCNIHAH
EPSS
1.24%
65.3th percentile
The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible. This was partially patched in 9.9, and sufficiently patched in 10.0. CVE-2024-37231 appears to be a duplicate of this issue.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | < 10.0 | 10.0 |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rrv6-pjjr-4r3x: The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9
ghsa_unreviewed·2024-05-21
CVE-2024-4442 [CRITICAL] CWE-22 GHSA-rrv6-pjjr-4r3x: The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9
The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.
Red Hat
kernel: thermal: intel: int340x: processor: Fix warning during module unload
vendor_redhat·2024-11-05·CVSS 5.5
CVE-2024-50093 [MEDIUM] CWE-459 kernel: thermal: intel: int340x: processor: Fix warning during module unload
kernel: thermal: intel: int340x: processor: Fix warning during module unload
In the Linux kernel, the following vulnerability has been resolved:
thermal: intel: int340x: processor: Fix warning during module unload
The processor_thermal driver uses pcim_device_enable() to enable a PCI
device, which means the device will be automatically disabled on driver
detach. Thus there is no need to call pci_disable_device() again on it.
With recent PCI device resource management improvements, e.g. commit
f748a07a0b64 ("PCI: Remove legacy pcim_release()"), this problem is
exposed and triggers the warining below.
[ 224.010735] proc_thermal_pci 0000:00:04.0: disabling already-disabled device
[ 224.010747] WARNING: CPU: 8 PID: 4442 at drivers/pci/pci.c:2250 pci_disable_device+0xe5/0x100
...
[ 224.010844]
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Action/Ajax/RemoveUploadedFile.phphttps://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cvehttps://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve
2024-05-21
Published