CVE-2024-9839

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9839

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9839 Uix Slideshow <= 1.6.5 - Unauthenticated Arbitrary Shortcode Execution

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9839

CVE-2024-9839 concerns the WordPress plugin Uix Slideshow . It is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 1.6.5 , caused by executing an action that does not properly validate values before running do_shortcode. Connected sources collapse th...

CVE-2024-9839 Uix Slideshow <= 1.6.5 - Unauthenticated Arbitrary Shortcode Execution

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

WordPress plugin The Uix Slideshow 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

WordPress Uix Slideshow plugin <= 1.6.5 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Francesco Carlucci in WordPress Plugin Uix Slideshow versions = 1.6.5...

WordPress Uix Slideshow Plugin <= 1.6.5 is vulnerable to Arbitrary Code Execution

Software Uix Slideshow Type Plugin Vulnerable versions = 1.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-9839 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID c288369c6e6c Credits Francesco Carlucci Required privilege...

PT-2024-39878 · WordPress · Uix Slideshow

Name of the Vulnerable Software and Affected Versions: The Uix Slideshow plugin for WordPress versions up to, and including, 1.6.5 Description: The issue is due to the software allowing users to execute an action that does not properly validate a value before running do shortcode. This makes it...