CVE-2024-10689 | webangon XLTab Plugin up to 1.4 on WordPress Shortcode XLTAB_INSERT_TPL authorization

Inserito da Angelo Barbosa | Dic 6, 2024 | CVE

A vulnerability was found in webangon XLTab Plugin up to 1.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function XLTAB_INSERT_TPL of the component Shortcode Handler. The manipulation leads to authorization bypass.

This vulnerability is known as CVE-2024-10689. The attack can be launched remotely. There is no exploit available.

CVE-2024-10689 | webangon XLTab Plugin up to 1.4 on WordPress Shortcode XLTAB_INSERT_TPL authorization

Post correlati

CVE-2024-22714 | Stupid Simple CMS up to 1.2.4 Editing Section cross site scripting

CVE-2023-46147 | Themify Ultra Plugin up to 7.3.5 on WordPress deserialization

CVE-2024-11150 | vanquish User Extra Fields Plugin up to 16.6 on WordPress wp-config.php delete_tmp_uploaded_file path traversal

CVE-2024-1854 | Essential Blocks Plugin up to 4.5.1 on WordPress cross site scripting