Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.7 views

CVE-2021-24537

The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...

7.2CVSS7.5AI score0.01514EPSS
Exploits2References1
Circl
Circl
added 2021/11/08 8:29 p.m.6 views

CVE-2021-24537

creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:18+00:00| seen| https://t.me/cibsecurity/31992...

7.2CVSS7AI score0.01514EPSS
Exploits2References1
NVD
NVD
added 2021/11/08 6:15 p.m.33 views

CVE-2021-24537

The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...

7.2CVSS0.01514EPSS
Exploits2References1
OSV
OSV
added 2021/11/08 6:15 p.m.4 views

CVE-2021-24537

The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...

7.2CVSS6AI score0.01514EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/11/08 5:34 p.m.35 views

CVE-2021-24537 Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution

The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...

7.4AI score0.01514EPSS
Exploits2References1
CVE
CVE
added 2021/11/08 5:34 p.m.43 views

CVE-2021-24537

The CVE-2021-24537 issue affects the WordPress Similar Posts plugin up to version 3.1.5, where a high-privilege user can execute arbitrary PHP code via the widget_rrm_similar_posts_condition setting. The underlying vulnerability stems from allowing crafted payloads in the widget to run code in a ...

7.2CVSS7.2AI score0.01514EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder