CVE-2024-31377

moderate-risk
Published 2024-05-14

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.7.01.001.

Do I need to act?

~
1.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
10
CVSS 10.0/10 Critical
NETWORK / LOW complexity

References (2)

https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-p...
https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-p...
43
/ 100
moderate-risk
Severity 33/34 · Critical
Exploitability 5/34 · Minimal
Exposure 5/34 · Minimal