Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWordfenceCVELIST:CVE-2024-4038
HistoryMay 09, 2024 - 8:03 p.m.

CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution

2024-05-0920:03:40
Wordfence
raw.githubusercontent.com
5
wordpress
woocommerce waitlist pro
unauthenticated execution
arbitrary shortcode

0.0005 Low

EPSS

Percentile

16.6%

JSON

The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Related

cve 1
wpvulndb 1
wordfence 1
cve
cve
CVE-2024-4038
2024-05-14 15:42:44
wpvulndb
wpvulndb
Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro < 5.3.2 - Unauthenticated Arbitrary Shortcode Execution
2024-05-07 00:00:00
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)
2024-05-16 13:04:14

0.0005 Low

EPSS

Percentile

16.6%

JSON
Related for CVELIST:CVE-2024-4038
cve1wpvulndb1wordfence1