Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:36 a.m.5 views

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS7.5AI score0.00181EPSS
Exploits0References1
Veracode
Veracode
added 2024/05/07 8:11 a.m.14 views

Race Condition

wordops is vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in stackpref.py. The vulnerability is due to calling os.open without a mode parameter during file creation, potentially allowing an attacker to manipulate the file before it is opened by the application...

7.7CVSS6.7AI score0.00181EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/05/06 12:30 a.m.15 views

WordOps has TOCTOU race condition

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS6.8AI score0.00181EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/05/06 12:30 a.m.20 views

GHSA-23QQ-P4GQ-GC2G WordOps has TOCTOU race condition

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS7.5AI score0.00181EPSS
Exploits0References6
OSV
OSV
added 2024/05/06 12:15 a.m.6 views

PYSEC-2024-175

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS7.5AI score0.00181EPSS
Exploits0References3
NVD
NVD
added 2024/05/06 12:15 a.m.13 views

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS6.5AI score0.00181EPSS
Exploits0References2
PyPA
PyPA
added 2024/05/06 12:15 a.m.7 views

PYSEC-2024-175

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS6.9AI score0.00181EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/05 12:0 a.m.3 views

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS7.5AI score0.00181EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/05 12:0 a.m.3 views

WordOps 安全漏洞

WordOps is an important toolset from WordOps that simplifies WordPress website and server management. A security vulnerability exists in WordOps 3.20.0 and earlier versions, which stems from the presence of a TOCTOU contention condition in wo/cli/plugins/stackpref.py because confpath os.open does...

7.7CVSS7.3AI score0.00181EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/05 12:0 a.m.11 views

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

6.8AI score0.00181EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/05 12:0 a.m.20 views

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

6.8AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/05 12:0 a.m.5 views

PT-2024-25950 · Wordops · Wordops

Name of the Vulnerable Software and Affected Versions: WordOps versions prior to 3.20.1 Description: The issue is related to a TOCTOU race condition in the wo/cli/plugins/stack pref.py file. This occurs because the conf path os.open does not use a mode parameter during file creation, potentially...

7.7CVSS6.8AI score0.00181EPSS
Exploits0References12
CVE
CVE
added 2024/05/05 12:0 a.m.64 views

CVE-2024-34528

WordOps up to version 3.20.0 is affected by a TOCTOU race condition in wo/cli/plugins/stack_pref.py. The root cause is conf_path os.open being used without a mode parameter during file creation, enabling a potential local race condition. The CVE (CVE-2024-34528) documents a HIGH-severity impact (...

7.7CVSS6.7AI score0.00181EPSS
Exploits0References2
Rows per page
Query Builder