CVE-2024-13714 | allimages All-Images.ai Plugin up to 1.0.4 on WordPress _get_image_by_url unrestricted upload

CVE-2024-13714 | allimages All-Images.ai Plugin up to 1.0.4 on WordPress _get_image_by_url unrestricted upload

A vulnerability, which was classified as critical, was found in allimages All-Images.ai Plugin up to 1.0.4 on WordPress. Affected is the function _get_image_by_url. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2024-13714. It is possible to launch the attack remotely. There is no exploit available.