CVE-2023-52311 | Paddle up to 2.5.x _wget_download os command injection (pdsa-2023-020)

Posted by Angelo Barbosa | Jan 3, 2024 | CVE

A vulnerability has been found in Paddle up to 2.5.x and classified as critical. This vulnerability affects the function _wget_download. The manipulation leads to os command injection.

This vulnerability was named CVE-2023-52311. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52311 | Paddle up to 2.5.x _wget_download os command injection (pdsa-2023-020)

Related Posts

CVE-2023-43745 | Intel CBI Software prior 1.1.0 denial of service (intel-sa-01013)

CVE-2024-8872 | Store Hours for WooCommerce Plugin up to 4.3.20 on WordPress cross site scripting

CVE-2024-7817 | Misiek Photo Album Plugin up to 1.4.3 on WordPress cross-site request forgery

CVE-2024-36583 | byondreal accessor up to 1.0.0 prototype pollution