cleantalk
Vulnerabilities and Security Researches

GEO my WordPress, CVE-2024-9422

CVE, Research URL

CVE-2024-9422

Home page URL

Security reports for GEO my WordPress

Application

GEO my WordPress

Published on
Nov 22, 2024
Research Description
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
Affected versions
Min 4.0, max 4.5.
Status
vulnerable
Previous vulnerability researches
GEO my WordPress (CVE-2026-9757) , Jun 01, 2026
GEO my WordPress (CVE-2024-54326) , Dec 15, 2024
GEO my WordPress (CVE-2024-9422) , Nov 24, 2024
GEO my WordPress (CVE-2024-47327) , Sep 28, 2024
GEO my WordPress (CVE-2024-32097) , Jun 07, 2024
New vulnerability
GEO my WordPress (CVE-2026-9757) , Jun 01, 2026
StatCounter – Free Real Time Visitor Stats (CVE-2026-6275) , May 31, 2026
Post Snippets – Custom WordPress Code Snippets Customizer (CVE-2026-7430) , May 31, 2026
Poll Maker – Best WordPress Poll Plugin (CVE-2026-8995) , May 31, 2026
Login with phone number (CVE-2026-3655) , May 31, 2026