CVE-2024-52402

UNKNOWN 0.0

WordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through <= 1.1.0.

CWE	CWE-352
Vendor	gunghoinc
Product	exclusive content password protect
Published	Nov 19, 2024
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for gunghoinc exclusive content password protect

Be the first to know when new unknown vulnerabilities affecting gunghoinc exclusive content password protect are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

gunghoinc / Exclusive Content Password Protect

0 ≤ 1.1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/exclusive-content-password-protect/vulnerability/wordpress-exclusive-content-password-protect-plugin-1-1-0-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve

Credits

Joshua Chan | Patchstack Bug Bounty Program