CVE-2024-11034 | wpbean Request a Quote for WooCommerce and Elementor Plugin Shortcode fire_contact_form code injection

Posted by Angelo Barbosa | Nov 23, 2024 | CVE

A vulnerability, which was classified as critical, was found in wpbean Request a Quote for WooCommerce and Elementor Plugin up to 1.4 on WordPress. Affected is the function fire_contact_form of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability is traded as CVE-2024-11034. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-11034 | wpbean Request a Quote for WooCommerce and Elementor Plugin Shortcode fire_contact_form code injection

Related Posts

CVE-2023-6393 | Quarkus Uni information disclosure

CVE-2023-6610 | Linux Kernel fs/smb/client/smb2ops.c smb2_dump_detail out-of-bounds

CVE-2024-9607 | 10Web Social Post Feed Plugin up to 1.2.9 on WordPress cross site scripting

CVE-2024-2563 | PandaXGO PandaX up to 20240310 upload.go DeleteImage fileName path traversal