Description
The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)
WordPress Plugin open-flash-chart-core Remote Code Execution (0.4)
WordPress Plugin Chop Slider 3 SQL Injection (3.4)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5297)
WordPress Plugin P3 (Plugin Performance Profiler) Cross-Site Scripting (1.5.3.8)