CVE-2024-9846 | Enable Shortcodes Inside Widget, Comments and Experts Plugin Shortcode Remote Code Execution

Posted by Angelo Barbosa | Oct 29, 2024 | CVE

A vulnerability was found in Enable Shortcodes Inside Widget, Comments and Experts Plugin up to 1.0.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to Remote Code Execution.

This vulnerability is handled as CVE-2024-9846. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-9846 | Enable Shortcodes Inside Widget, Comments and Experts Plugin Shortcode Remote Code Execution

Related Posts

CVE-2024-32693 | ValvePress Automatic Plugin up to 3.92.x on WordPress cross-site request forgery

CVE-2024-25300 | Redaxo 5.15.1 Template Section Name cross site scripting

CVE-2024-1548 | Mozilla Firefox up to 122 Fullscreen Notification improper restriction of rendered ui layers

CVE-2024-35333 | html2xhtml 1.3 read_charset_decl stack-based overflow