CVE-2024-11002 | InPost Gallery Plugin up to 2.1.4.2 on WordPress Shortcode inpost_gallery_get_shortcode_template code injection

Posted by Angelo Barbosa | Nov 25, 2024 | CVE

A vulnerability has been found in InPost Gallery Plugin up to 2.1.4.2 on WordPress and classified as critical. This vulnerability affects the function inpost_gallery_get_shortcode_template of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability was named CVE-2024-11002. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11002 | InPost Gallery Plugin up to 2.1.4.2 on WordPress Shortcode inpost_gallery_get_shortcode_template code injection

Related Posts

CVE-2024-4787 | Cost Calculator Builder Pro Plugin up to 3.1.75 on WordPress Email Sending unknown vulnerability

CVE-2024-31207 | vite server.fs.deny access control

CVE-2024-5987 | WP Accessibility Helper Plugin up to 0.6.2.8 on WordPress Setting authorization

CVE-2024-0240 | Silicon Labs Gecko SDK prior 4.3.0 Notifications resource consumption