CVE-2024-13487 | villatheme CURCY Plugin up to 2.2.5 on WordPress Shortcode get_products_price code injection

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability has been found in villatheme CURCY Plugin up to 2.2.5 on WordPress and classified as problematic. Affected by this vulnerability is the function get_products_price of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability is known as CVE-2024-13487. The attack can be launched remotely. There is no exploit available.

CVE-2024-13487 | villatheme CURCY Plugin up to 2.2.5 on WordPress Shortcode get_products_price code injection

Post correlati

CVE-2024-33586 | 10Web Photo Gallery Plugin up to 1.8.20 on WordPress authorization

CVE-2024-25770 | libming 0.4.8 listaction.c memory leak

CVE-2023-47462 | GL.iNet AX1800 up to 3.215 Sharing permission

CVE-2024-4248 | Tenda i21 1.0.0.14(4656) formQosManage_user ssidIndex stack-based overflow