CVE-2024-23512 | ProductX Plugin up to 3.1.4 on WordPress wopb_wishlist/wopb_compare code injection

Posted by Angelo Barbosa | Feb 1, 2024 | CVE

A vulnerability, which was classified as critical, was found in ProductX Plugin up to 3.1.4 on WordPress. Affected is an unknown function. The manipulation of the argument wopb_wishlist/wopb_compare leads to code injection.

This vulnerability is traded as CVE-2024-23512. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-23512 | ProductX Plugin up to 3.1.4 on WordPress wopb_wishlist/wopb_compare code injection

Related Posts

CVE-2024-32868 | Zitadel excessive authentication

CVE-2023-48703 | RobotsAndPencils go-saml up to 0.0.0-20230606195814-29020529affc improper authentication (GHSL-2023-121)

CVE-2024-25959 | Dell PowerScale OneFS up to 9.4.0.16/9.5.0.7/9.7.0.0/9.7.0.1 log file (dsa-2024-115)

CVE-2024-4291 | Tenda A301 15.13.08.12_multi_TDE01 /goform/setBlackRule formAddMacfilterRule deviceList stack-based overflow