CVE-2024-12419 | tobias_conrad Design for Contact Form 7 Style Plugin up to 1.6.9 on WordPress Shortcode do_shortcode code injection

Posted by Angelo Barbosa | Jan 7, 2025 | CVE

A vulnerability, which was classified as critical, has been found in tobias_conrad Design for Contact Form 7 Style Plugin up to 1.6.9 on WordPress. This issue affects the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-12419. The attack may be initiated remotely. There is no exploit available.

CVE-2024-12419 | tobias_conrad Design for Contact Form 7 Style Plugin up to 1.6.9 on WordPress Shortcode do_shortcode code injection

Related Posts

CVE-2024-34949 | likeshop 2.5.7 getOrderList sql injection

CVE-2024-51296 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi pingtrace command injection

CVE-2024-26258 | Elecom WRC-X3200GST3-B/WRC-G01-W Request os command injection

CVE-2024-1933 | TeamViewer Remote Client up to 15.51 on macOS symlink