CVE-2024-11038 | wpbean WPB Popup for Contact Form 7 Plugin up to 1.7.5 on WordPress Shortcode wpb_pcf_fire_contact_form code injection

Posted by Angelo Barbosa | Nov 19, 2024 | CVE

A vulnerability, which was classified as critical, was found in wpbean WPB Popup for Contact Form 7 Plugin up to 1.7.5 on WordPress. This affects the function wpb_pcf_fire_contact_form of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability is uniquely identified as CVE-2024-11038. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-11038 | wpbean WPB Popup for Contact Form 7 Plugin up to 1.7.5 on WordPress Shortcode wpb_pcf_fire_contact_form code injection

Related Posts

CVE-2024-8369 | EventPrime Plugin up to 4.0.4.3 on WordPress authorization

CVE-2024-31819 | WWBN Avideo up to 12.4/14.2 submitIndex.php systemRootPath Privilege Escalation

CVE-2024-4329 | Thim Elementor Kit Plugin up to 1.1.9 on WordPress id cross site scripting

CVE-2024-21182 | Oracle WebLogic Server 12.2.1.4.0/14.1.1.0.0 Core information disclosure