WP Query Console <= 1.0 - Remote Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console- from n/a through 1.0. id: CVE-2024-50498 info: name: WP Query Console = 1.0 - Remote Code Execution author: s4e-io severity: critical...

📄 WordPress Query Console 1.0 Code Injection

This code represents an advanced, class-based proof-of-concept targeting a code injection vulnerability in WordPress Query Console plugin version 1.0. It is designed as a CLI-only tool that automates payload upload, verification, command execution testing, and optional interactive shell access,...

Exploit for Code Injection in Lubus Wp_Query_Console

Introduction Handy tool for developers to quickly test vario...

PT-2025-32609 · Sap · Abap Platform

Name of the Vulnerable Software and Affected Versions: ABAP Platform affected versions not specified Description: A missing authorization check in the ABAP Platform allows an authenticated user with elevated privileges to bypass authorization restrictions for common transactions using the SQL...

VulnCheck KEV: CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

Exploit for Code Injection in Lubus Wp_Query_Console

CVE-2024-50498 WP Query Console = 1.0 - Unauthenticated Re...

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0...

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0...

CVE-2024-50498 WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

CVE-2024-50498

Summary of CVE-2024-50498: The WordPress plugin WP Query Console ≤ 1.0 is vulnerable to an unauthenticated Remote Code Execution due to improper control of code generation, enabling arbitrary PHP execution via a crafted REST request (example: POST to /wp-json/wqc/v1/query with {"queryArgs":"phpin...

CVE-2024-50498 WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

WordPress plugin WP Query Console 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WP Query Console versions = 1.0...

WordPress WP Query Console Plugin <= 1.0 is vulnerable to Remote Code Execution (RCE)

Software WP Query Console Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-50498 Patch priority High CVSS severity High 10 Developer Claim ownership PSID af5ddac5f157 Credits stealthcopter Required privilege...