Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:44 a.m.5 views

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS7.6AI score0.00441EPSS
Exploits0References1
OSV
OSV
added 2024/10/10 2:15 a.m.4 views

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS6.1AI score0.00441EPSS
Exploits0References2
NVD
NVD
added 2024/10/10 2:15 a.m.19 views

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS0.00441EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/10 2:6 a.m.29 views

CVE-2024-9581 Shortcodes AnyWhere <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS0.00441EPSS
Exploits0References2
CVE
CVE
added 2024/10/10 2:6 a.m.44 views

CVE-2024-9581

CVE-2024-9581 affects the WordPress plugin Shortcodes AnyWhere. The vulnerability is an unauthenticated arbitrary shortcode execution via do_shortcode due to improper value validation in all versions up to 1.0.1. Connected sources confirm this as an active issue (unpatched in Wordfence/NVD entrie...

7.3CVSS7.6AI score0.00441EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.13 views

WordPress Shortcodes AnyWhere Plugin <= 1.0.1 is vulnerable to Content Injection

Software Shortcodes AnyWhere Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9581 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 9c5d59c3c6ea Credits Francesco Carlucci Required privilege...

7.3CVSS6.8AI score0.00441EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder