CVE-2024-31211 | WordPress 6.4.0/6.4.1 WP_HTML_Token deserialization (GHSA-m257-q4m5-j653)

Posted by Angelo Barbosa | Apr 5, 2024 | CVE

A vulnerability classified as problematic has been found in WordPress 6.4.0/6.4.1. This affects the function WP_HTML_Token. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2024-31211. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31211 | WordPress 6.4.0/6.4.1 WP_HTML_Token deserialization (GHSA-m257-q4m5-j653)

Related Posts

CVE-2024-4958 | User Registration Plugin up to 3.2.0.1 on WordPress authorization

CVE-2023-51034 | Totolink EX1200L 9.3.5u.6146_B20201023 cstecgi.cgi UploadFirmwareFile Privilege Escalation

CVE-2023-49262 | Hongdian H8951-4G-ESP prior 2310271149 Cookie authentication improper authentication

CVE-2024-0623 | VK Block Patterns Plugin up to 1.31.1.1 on WordPress cross-site request forgery