CVE-2024-6366

CRITICAL NUCLEI

User Profile Builder <3.11.8 - Info Disclosure

Title source: llm

Description

The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP.

Exploits (3)

github WORKING POC

by Boshe99 · pythonpoc

https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2024-6366-PoC

View Code ZIP pw:eip

nomisec WORKING POC

by Nxploited · poc

https://github.com/Nxploited/CVE-2024-6366-PoC

View Code ZIP pw:eip

nomisec WORKING POC

by Abdurahmon3236 · poc

https://github.com/Abdurahmon3236/CVE-2024-6366

View Code ZIP pw:eip

Nuclei Templates (1)

User Profile Builder < 3.11.8 - File Upload

HIGHby s4e-io

References (1)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/5b90cbdd-52cc-4e7b-bf39-bea0dd59e19e/

Scores

CVSS v3 9.1

EPSS 0.9147

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-434

Status published

Products (1)

cozmoslabs/profile_builder < 3.11.8

Published Jul 29, 2024

Tracked Since Feb 18, 2026