We’re taking on a small number of new builds and rebuilds this quarter. Book a call to see if your project is a fit.

CVE CVE-2024-58349

CVE-2024-58349

WordPress

Severity: CRITICAL
CVSS: 9.8CVSS
Published: 2026-06-08
Last modified: 2026-06-08
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-434

Description

WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.

References

https://www.exploit-db.com/exploits/51969
https://www.vulncheck.com/advisories/wordpress-theme-travelscape-arbitrary-file-upload

Summary

Description

References