CYBERHAWK / CVE / CVE-2024-58348

CVE-2024-58348

CRITICAL CVSS 9.8 other

The flaw

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2024-58348

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits