CVE-2024-34528 | WordOps up to 3.20.0 stack_pref.py os.open toctou (Issue 611)

Posted by Angelo Barbosa | May 6, 2024 | CVE

A vulnerability was found in WordOps up to 3.20.0. It has been classified as problematic. This affects the function os.open of the file wo/cli/plugins/stack_pref.py. The manipulation leads to time-of-check time-of-use.

This vulnerability is uniquely identified as CVE-2024-34528. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-34528 | WordOps up to 3.20.0 stack_pref.py os.open toctou (Issue 611)

Related Posts

CVE-2024-27927 | RSSHub server-side request forgery

CVE-2024-46740 | Linux Kernel up to 6.10.9 binder use after free

CVE-2023-52060 | Gestsup 3.2.46 cross-site request forgery

CVE-2024-3225 | SourceCodester PHP Task Management System 1.0 edit-task.php task_id sql injection