CVE-2024-4037 | WP Photo Album Plus Plugin up to 8.7.02.003 on WordPress Shortcode code injection

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability, which was classified as critical, was found in WP Photo Album Plus Plugin up to 8.7.02.003 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability is uniquely identified as CVE-2024-4037. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-4037 | WP Photo Album Plus Plugin up to 8.7.02.003 on WordPress Shortcode code injection

Post correlati

CVE-2024-3369 | code-projects Car Rental 1.0 add-vehicle.php Upload Image unrestricted upload

CVE-2024-5508 | Luxion KeyShot Viewer KSP File Parser out-of-bounds write

CVE-2024-38369 | xwiki-platform up to 14.x include authorization (GHSA-qcj3-wpgm-qpxh)

CVE-2024-2176 | Google Chrome prior 122.0.6261.111 FedCM use after free