Hacked.be

Cybersecurity blog by Rein Daelman

Cover Image for CVE-2024-8856 - Unauthenticated RCE via Arbitrary File Upload

Today, I wanted to talk about CVE-2024-8856, a critical vulnerability I found and reported through WordFence. The issue was found in the WP Time Capsule plugin, which has over 20,000 active installations.

Rein Daelman
Rein Daelman