Lucene search
China National Vulnerability DatabaseCNVD-2021-101468HistoryNov 10, 2021 - 12:00 a.m.
WordPress Plugin Code Injection Vulnerability (CNVD-2021-101468)
2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
31.1%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. can be renamed to a PHP-terminated extension, allowing an authenticated “translator” user to inject PHP code into a PHP-terminated file in a web-accessible location. No details of the vulnerability are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress plugin loco translate | lt | 2.5.4 |
Related
cvelist
cvelist
CVE-2021-24721 Loco Translate < 2.5.4 - Authenticated PHP Code Injection
2021-11-08 17:35:14
patchstack
patchstack
prion
prion
Code injection
2021-11-08 18:15:00
wpvulndb
wpvulndb
Loco Translate < 2.5.4 - Authenticated PHP Code Injection
2021-10-11 00:00:00
cve
cve
CVE-2021-24721
2021-11-08 18:15:09
nvd
nvd
CVE-2021-24721
2021-11-08 18:15:09
openvas
openvas
WordPress Loco Translate Plugin < 2.5.4 PHP Injection Vulnerability
2021-11-16 00:00:00
wpexploit
wpexploit
Loco Translate < 2.5.4 - Authenticated PHP Code Injection
2021-10-11 00:00:00