NVD CRITICAL: CVE-2024-58349 — WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerabilit...

Monday, June 8, 2026 at 02:16 AM UTC·Source: NIST NVD

Updated: Monday, June 8, 2026 at 03:00 AM UTC

Executive Summary

WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2024-58349

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Jun 8, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Bug Bounty Research Triggers ServiceNow Security Alert

Bug bounty research inadvertently led organizations to believe they were being breached through their ServiceNow instances.

1h agoDark Reading

MEDIUMVulnerability

CISA to require federal agencies to patch some cyber vulnerabilities within 3 days

CISA is giving agencies 180 days to adopt the new patching time frame, according to a directive released Wednesday.

2h agoThe Record

MEDIUMVulnerability

How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04

Executive Summary Recognizing the ability of Frontier AI models to discover and exploit vulnerabilities at unprecedented speed and scale, CISA’s Binding Operational Directive (BOD) 26-04 marks a significant shift in federal vulnerability management. Rather than prioritizing remediation based on patch availability, the directive requires agencies to focus on risk-informed, evidence-based deci

2h agoQualys Blog