Lucene search

CVE-2024-7560 News Flash <= 1.1.0 - Authenticated (Editor+) PHP Object Injection

🗓️ 08 Aug 2024 01:33:50Reported by WordfenceType

CVE-2024-7560 News Flash <= 1.1.0 - Authenticated PHP Object Injection via WordPress Them

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
RedhatCVE	CVE-2024-7560	5 Feb 202511:42	–	redhatcve
Patchstack	WordPress News Flash Theme <= 1.1.0 is vulnerable to PHP Object Injection	7 Aug 202400:00	–	patchstack
Vulnrichment	CVE-2024-7560 News Flash <= 1.1.0 - Authenticated (Editor+) PHP Object Injection	8 Aug 202401:50	–	vulnrichment
NVD	CVE-2024-7560	8 Aug 202402:15	–	nvd
CVE	CVE-2024-7560	8 Aug 202402:15	–	cve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (August 5, 2024 to August 11, 2024)	15 Aug 202417:14	–	wordfence

[
  {
    "vendor": "codename065",
    "product": "News Flash",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.1.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
themes	www.themes.trac.wordpress.org/browser/news-flash/1.1.0/page.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/d5631826-6975-41e9-a896-f2aa0581334f

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Aug 2024 01:50Current

CVSS37.2

EPSS0.01777

CWE-502