CVE-2024-31211 | WordPress 6.4.0/6.4.1 WP_HTML_Token deserialization (GHSA-m257-q4m5-j653)

Inserito da Angelo Barbosa | Apr 5, 2024 | CVE

A vulnerability classified as problematic has been found in WordPress 6.4.0/6.4.1. This affects the function WP_HTML_Token. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2024-31211. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31211 | WordPress 6.4.0/6.4.1 WP_HTML_Token deserialization (GHSA-m257-q4m5-j653)

Post correlati

CVE-2024-23477 | SolarWinds Access Rights Manager up to 2023.2.2 path traversal

CVE-2024-27353 | Insyde InsydeH2O SdHost/SdMmcDevice memory corruption

CVE-2023-46943 | evershop up to 1.0.0-rc.7 JSON Web Token hard-coded key

CVE-2024-47669 | Linux Kernel up to 6.10.9 nilfs2 nilfs_segctor_do_construct state issue