6 matches found
CVE-2021-24537
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...
CVE-2021-24537
creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:18+00:00| seen| https://t.me/cibsecurity/31992...
CVE-2021-24537
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...
CVE-2021-24537
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...
CVE-2021-24537 Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment ie with DISALLOWFILEEDIT, DISALLOWFILEMODS and DISALLOWUNFILTEREDHTML set to true via the 'widgetrrmsimilarpostscondition' widget setting of the plugin...
CVE-2021-24537
The CVE-2021-24537 issue affects the WordPress Similar Posts plugin up to version 3.1.5, where a high-privilege user can execute arbitrary PHP code via the widget_rrm_similar_posts_condition setting. The underlying vulnerability stems from allowing crafted payloads in the widget to run code in a ...