CVE-2024-12209P1CRITICALCVSS 9.8ExploitedPoC≤ 2.17.02024-12-08
CVE-2024-12209 [CRITICAL] CWE-98 CVE-2024-12209: The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution o
nvd