CVE-2024-34528 | WordOps up to 3.20.0 stack_pref.py os.open toctou (Issue 611)

Posted by Angelo Barbosa | May 6, 2024 | CVE

A vulnerability was found in WordOps up to 3.20.0. It has been classified as problematic. This affects the function os.open of the file wo/cli/plugins/stack_pref.py. The manipulation leads to time-of-check time-of-use.

This vulnerability is uniquely identified as CVE-2024-34528. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-34528 | WordOps up to 3.20.0 stack_pref.py os.open toctou (Issue 611)

Related Posts

CVE-2024-7257 | YayExtra Plugin up to 1.3.7 on WordPress handle_upload_file unrestricted upload

CVE-2024-46085 | FrogCMS 0.9.5 cross-site request forgery

CVE-2024-4793 | Campcodes Online Laundry Management System 1.0 /manage_laundry.php id sql injection

CVE-2024-42060 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 os command injection