CVE-2024-10910 | Grid Plus Plugin up to 1.3.5 on WordPress Shortcode grid_plus_load_by_category code injection

Posted by Angelo Barbosa | Dec 11, 2024 | CVE

A vulnerability has been found in Grid Plus Plugin up to 1.3.5 on WordPress and classified as critical. This vulnerability affects the function grid_plus_load_by_category of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability was named CVE-2024-10910. The attack can be initiated remotely. There is no exploit available.

CVE-2024-10910 | Grid Plus Plugin up to 1.3.5 on WordPress Shortcode grid_plus_load_by_category code injection

Related Posts

CVE-2024-30387 | Juniper Junos OS up to 22.4R2 on ACX Packet Forwarding Engine missing synchronization (JSA79187)

CVE-2023-47430 | ReadyMedia 1.3.3 tivo_commands.c SendContainer stack-based overflow

CVE-2024-2772 | Fluent Contact Form Plugin up to 5.1.13 on WordPress cross site scripting

CVE-2024-46906 | Progress WhatsUp Gold up to 2024.0.0 sql injection