CVE-2024-2025 | BuddyPress WooCommerce my Account Integration Plugin get_simple_request code injection

Inserito da Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability has been found in BuddyPress WooCommerce my Account Integration Plugin up to 3.4.20 on WordPress and classified as critical. Affected by this vulnerability is the function get_simple_request. The manipulation leads to code injection.

This vulnerability is known as CVE-2024-2025. The attack can be launched remotely. There is no exploit available.

CVE-2024-2025 | BuddyPress WooCommerce my Account Integration Plugin get_simple_request code injection

Post correlati

CVE-2024-3526 | Campcodes Online Event Management System 1.0 index.php msg cross site scripting

CVE-2023-42865 | Apple macOS ImageIO Privilege Escalation

CVE-2024-4411 | Mihdan Plugin up to 1.6.5.1 on WordPress Shortcode cross site scripting

CVE-2023-6733 | WP-Members Membership Plugin up to 3.4.8 on WordPress authorization