all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

$657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin

Add to bookmarks
April 5, 2024, 3:02 p.m. | István Márton

Wordfence www.wordfence.com

On February 1st, 2024, during our Bug Bounty Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in Management App for WooCommerce, a WordPress plugin with 1,000+ active installations. This vulnerability makes it possible for authenticated users such as subscribers and customers to upload arbitrary files to a vulnerable site and achieve remote ...
Read More


The post $657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin appeared first on Wordfence.

app bounty bug bug bounty customers february file file upload management plugin research submission subscribers upload vulnerabilities vulnerability woocommerce wordpress wordpress plugin wordpress security worker

Visit resource

More from www.wordfence.com / Wordfence

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin 2 days, 10 hours ago | www.wordfence.com
bounty bug bug bounty deletion +16
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) 6 days, 9 hours ago | www.wordfence.com
april bounty bug bug bounty +17
$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin 1 week, 1 day ago | www.wordfence.com
april bounty bug bug bounty +16
$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin 1 week, 5 days ago | www.wordfence.com
bounty bug bug bounty disclosure +18
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024) 1 week, 6 days ago | www.wordfence.com
april bounty bug bug bounty +17
$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin 2 weeks ago | www.wordfence.com
activity log bounty bug bug bounty +21
$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express … 2 weeks, 2 days ago | www.wordfence.com
bounty bug bug bounty can +19
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024) 2 weeks, 6 days ago | www.wordfence.com
april bounty bug bug bounty +17
Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core 3 weeks ago | www.wordfence.com
april block bug cross-site +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs