CVE-2023-24676 | Processwire 3.0.210 New Module Installation download_zip_url Privilege Escalation

Posted by Angelo Barbosa | Jan 24, 2024 | CVE

A vulnerability, which was classified as critical, was found in Processwire 3.0.210. Affected is an unknown function of the component New Module Installation. The manipulation of the argument download_zip_url leads to Privilege Escalation.

This vulnerability is traded as CVE-2023-24676. Access to the local network is required for this attack. There is no exploit available.

CVE-2023-24676 | Processwire 3.0.210 New Module Installation download_zip_url Privilege Escalation

Related Posts

CVE-2024-50251 | Linux Kernel up to 6.11.6 netfilter skb_checksum Privilege Escalation

CVE-2024-5600 | happymonkeyagency SCSS Happy Compiler Plugin up to 1.3.10 on WordPress Setting import_settings authorization

CVE-2024-6132 | Pexels Plugin up to 1.2.2 on WordPress unrestricted upload

CVE-2024-6440 | SourceCodester Home Owners Collection Management System 1.0 Master.php id sql injection