CVE-2024-10952 | Authors List Plugin up to 2.0.4 on WordPress Shortcode update_authors_list_ajax code injection

Inserito da Angelo Barbosa | Dic 3, 2024 | CVE

A vulnerability classified as critical was found in Authors List Plugin up to 2.0.4 on WordPress. This vulnerability affects the function update_authors_list_ajax of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability was named CVE-2024-10952. The attack can be initiated remotely. There is no exploit available.

CVE-2024-10952 | Authors List Plugin up to 2.0.4 on WordPress Shortcode update_authors_list_ajax code injection

Post correlati

CVE-2024-6511 | y_project RuoYi up to 4.7.9 Content-Type isJsonRequest HttpHeaders.CONTENT_TYPE cross site scripting (IA8O7O)

CVE-2024-42427 | Dell Wyse Proprietary OS 2402/2405 command injection (dsa-2024-386)

CVE-2024-43924 | Responsive Lightbox Plugin up to 2.4.7 on WordPress authorization

CVE-2024-1072 | SeedProd Website Builder Plugin up to 6.15.21 on WordPress seedprod_lite_new_lpage authorization