CVE-2024-58349
Severity CVSS v4.0:
CRITICAL
Type:
CWE-434
Unrestricted Upload of File with Dangerous Type
Publication date:
08/06/2026
Last modified:
08/06/2026
Description
WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.
Impact
Base Score 4.0
9.30
Severity 4.0
CRITICAL
Base Score 3.x
9.80
Severity 3.x
CRITICAL



