CVE-2023-52311 | Paddle up to 2.5.x _wget_download os command injection (pdsa-2023-020)

Posted by Angelo Barbosa | Jan 3, 2024 | CVE

A vulnerability has been found in Paddle up to 2.5.x and classified as critical. This vulnerability affects the function _wget_download. The manipulation leads to os command injection.

This vulnerability was named CVE-2023-52311. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52311 | Paddle up to 2.5.x _wget_download os command injection (pdsa-2023-020)

Related Posts

CVE-2023-28421 | Winwar Media Email Marketing Plugin up to 3.10 on WordPress information disclosure

CVE-2024-3190 | Unlimited Elements for Elementor Plugin up to 1.5.107 on WordPress Text Field cross site scripting

CVE-2024-50418 | Time Slot Booking Time Slot Plugin up to 1.3.6 on WordPress cross site scripting

CVE-2024-3285 | MetaSlider Slider, Gallery, and Carousel Plugin up to 3.70.0 on WordPress Shortcode cross site scripting