CVE-2024-10728 | wpxpo Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX Plugin Installation install_required_plugin_callback authorization

Inserito da Angelo Barbosa | Nov 16, 2024 | CVE

A vulnerability was found in wpxpo Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX up to 4.1.16 on WordPress. It has been declared as critical. Affected by this vulnerability is the function install_required_plugin_callback of the component Plugin Installation Handler. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2024-10728. The attack can be launched remotely. There is no exploit available.

CVE-2024-10728 | wpxpo Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX Plugin Installation install_required_plugin_callback authorization

Post correlati

CVE-2024-26587 | Linux Kernel up to 6.5/6.6.13/6.7.1 devlink.sh nsim_init_netdevsim null pointer dereference (08aca65997fb/c5068e442eed/ea937f772083)

CVE-2024-1946 | Genesis Blocks Plugin up to 3.1.2 on WordPress Block Content cross site scripting

CVE-2023-26998 | NetScout nGeniusOne 6.3.4 Alert Configuration Page cross site scripting

CVE-2023-51136 | Totolink X2000R Gh 1.0.0-B20230221.0948.web formRebootSchedule stack-based overflow