1978 matches found

Drupal
added 2024/11/20 12:00 a.m. · 17 views

Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062

This module for Drupal provides complete control of Email settings with Drupal and Mailjet. In certain cases the module doesn't securely pass data to PHP's unserialize function, which could result in Remote Code Execution via PHP Object Injection. This vulnerability is mitigated by the fact that ...

CVSS 6.6 · AI score 7.9 · EPSS 0.00249
Exploits 0 · References 5
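The Mailjet advisory above describes the classic PHP Object Injection sink: untrusted bytes reach unserialize(), and every `O:` (object) or `C:` (custom-serialized) token in them names a class PHP will instantiate, so a gadget class's __wakeup() or __destruct() runs with attacker-chosen properties. The following is an added example, not code from the Mailjet module, Drupal or this listing's source: a small Python walker for PHP's public serialize() format that reports every class a payload would instantiate. The `GadgetChain` class name and both sample payloads are constructed.

```python
"""Walk a PHP serialize() payload and list the classes unserialize() would instantiate.

Added example for the Mailjet / PHP Object Injection entry; not code from the
Mailjet module, Drupal or any project in this listing. The grammar is PHP's
public serialize() format; BENIGN and INJECTED below are constructed samples.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Any


@dataclass
class Report:
    value: Any                                        # decoded structure, for inspection
    classes: list[str] = field(default_factory=list)  # classes PHP would instantiate


class _Parser:
    def __init__(self, data: bytes) -> None:
        self.data, self.pos, self.classes = data, 0, []

    def _read_until(self, ch: bytes) -> bytes:
        end = self.data.index(ch, self.pos)
        token, self.pos = self.data[self.pos:end], end + 1
        return token

    def _expect(self, literal: bytes) -> None:
        if not self.data.startswith(literal, self.pos):
            raise ValueError(f"expected {literal!r} at offset {self.pos}")
        self.pos += len(literal)

    def _quoted(self, terminator: bytes) -> bytes:
        # <len>:"<bytes>"<terminator>; the length counts bytes, so the body may hold
        # any byte including '"' and ';' - never split serialized data on those.
        length = int(self._read_until(b":"))
        self._expect(b'"')
        body = self.data[self.pos:self.pos + length]
        self.pos += length
        self._expect(b'"' + terminator)
        return body

    def value(self) -> Any:
        tag = self.data[self.pos:self.pos + 1]
        self.pos += 1
        if tag == b"N":                           # N;  null
            self._expect(b";")
            return None
        self._expect(b":")
        if tag == b"b":                           # b:1;
            return self._read_until(b";") == b"1"
        if tag == b"i":                           # i:42;
            return int(self._read_until(b";"))
        if tag == b"d":                           # d:3.14;  (also INF / NAN)
            return float(self._read_until(b";"))
        if tag == b"s":                           # s:5:"hello";
            return self._quoted(b";").decode("utf-8", "replace")
        if tag in (b"r", b"R"):                   # r:1; / R:1;  back-references
            return ("ref", int(self._read_until(b";")))
        if tag == b"a":                           # a:<n>:{key;value;...}
            count = int(self._read_until(b":"))
            self._expect(b"{")
            arr = {}
            for _ in range(count):
                key = self.value()
                arr[key] = self.value()
            self._expect(b"}")
            return arr
        if tag == b"O":                           # O:<len>:"<class>":<n>:{props}
            cls = self._quoted(b":").decode("utf-8", "replace")
            self.classes.append(cls)              # unserialize() instantiates <class>
            count = int(self._read_until(b":"))
            self._expect(b"{")
            props = {}
            for _ in range(count):
                key = self.value()
                props[key] = self.value()
            self._expect(b"}")
            return ("object", cls, props)
        if tag == b"C":                           # C:<len>:"<class>":<len>:{raw}
            cls = self._quoted(b":").decode("utf-8", "replace")
            self.classes.append(cls)              # Serializable::unserialize() runs too
            length = int(self._read_until(b":"))
            self._expect(b"{")
            raw, self.pos = self.data[self.pos:self.pos + length], self.pos + length
            self._expect(b"}")
            return ("custom", cls, raw)
        raise ValueError(f"unknown type tag {tag!r} at offset {self.pos - 1}")


def audit_php_serialized(blob: bytes) -> Report:
    """Parse a whole payload; raise on malformed input rather than guess."""
    parser = _Parser(blob)
    value = parser.value()
    if parser.pos != len(blob):
        raise ValueError("trailing bytes after the serialized value")
    return Report(value, parser.classes)


# Constructed samples: a plausible settings array, and the same array with an
# object smuggled in to reach a hypothetical GadgetChain class.
BENIGN = b'a:2:{s:6:"sender";s:14:"noreply@x.test";s:5:"debug";b:0;}'
INJECTED = b'a:1:{s:6:"sender";O:11:"GadgetChain":1:{s:3:"cmd";s:2:"id";}}'

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("injected", INJECTED)):
        print(f"{label}: instantiates {audit_php_serialized(blob).classes or 'no classes'}")
```

On the PHP side the fix is to stop feeding attacker-controlled bytes to unserialize() at all (json_decode() is the usual replacement), or at minimum to call it with `['allowed_classes' => false]` (PHP 7.0+), which turns every `O:` token into a __PHP_Incomplete_Class instead of a live gadget. The walker above is the audit-side view of the same rule: a payload whose `classes` list is non-empty should never have come from a request.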
OSV
added 2024/11/15 7:15 a.m. · 2 views

CVE-2024-9529

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could allow high privile...

CVSS 6.6 · AI score 5.9 · EPSS 0.00183
Exploits 1 · References 1
CNNVD
added 2024/11/15 12:00 a.m. · 2 views

WordPress plugin Secure Custom Fields security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin. A security vulnerability exists in th...

CVSS 6.6 · AI score 6.6 · EPSS 0.00183
Exploits 1 · References 1
NVD
added 2024/11/11 8:15 p.m. · 16 views

CVE-2024-51748

Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can run arbitrary PHP code on the server in combination with a file write possibility. The user interface language is determined and loaded by the setting applicationlanguage in the...

CVSS 9.1 · EPSS 0.00582
Exploits 1 · References 1
Positive Technologies
added 2024/10/29 12:00 a.m. · 5 views

PT-2024-16281 · WordPress · Wpc Smart Messages

Name of the Vulnerable Software and Affected Versions: WPC Smart Messages for WooCommerce plugin for WordPress versions up to, and including, 4.2.1 Description: The issue allows authenticated attackers with Subscriber-level access and above to include and execute arbitrary files on the server via...

CVSS 8.8 · AI score 7.9 · EPSS 0.01178
Exploits 0 · References 8
Cvelist
added 2024/10/28 5:32 a.m. · 24 views

CVE-2024-9162 All-in-One WP Migration and Backup <= 7.86 - Authenticated (Administrator+) Arbitrary PHP Code Injection

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

CVSS 7.2 · EPSS 0.62609
Exploits 1 · References 5
Positive Technologies
added 2024/10/26 12:00 a.m. · 1 view

PT-2024-38986 · WordPress · Wordpress Post Grid Layouts With Pagination – Sogrid

Name of the Vulnerable Software and Affected Versions: WordPress Post Grid Layouts with Pagination – Sogrid plugin versions up to, and including, 1.5.2 Description: The issue allows authenticated attackers with Administrator-level access and above to include and execute arbitrary files on the...

CVSS 7.2 · AI score 7.5 · EPSS 0.00317
Exploits 0 · References 6
GithubExploit
added 2024/10/10 9:29 p.m. · 363 views

Exploit for CVE-2024-9441

CVE-2024-9441 Description of the Vulnerability: This code exp...

CVSS 9.8 · AI score 8.3 · EPSS 0.67631
Exploits 3
GithubExploit
added 2024/09/29 7:34 p.m. · 548 views

Exploit for CVE-2024-9162

CVE-2024-9162 All-in-One WP Migration and Backup SELECT op...

CVSS 7.2 · AI score 6.4 · EPSS 0.62609
Exploits 1
NVD
added 2024/09/24 3:15 a.m. · 15 views

CVE-2022-2439

The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'uploadfile' parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative users to call files using...

CVSS 7.2 · EPSS 0.01042
Exploits 0 · References 3
CVE
added 2024/09/13 3:10 p.m. · 52 views

CVE-2022-2446

CVE-2022-2446 affects the WP Editor WordPress plugin. The vulnerability is a PHAR deserialization issue via the current_theme_root parameter in versions up to and including 1.2.9. An authenticated attacker with administrative privileges who can upload a serialized payload can trigger deserializat...

CVSS 7.2 · AI score 7.1 · EPSS 0.01063
Exploits 0 · References 2 · Affected software 1
Cvelist
added 2024/09/13 3:10 p.m. · 23 views

CVE-2022-2446 WP Editor <= 1.2.9 - Authenticated (Admin+) PHAR Deserialization

The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions up to, and including 1.2.9. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will...

CVSS 7.2 · EPSS 0.01063
Exploits 0 · References 2
CNNVD
added 2024/09/13 12:00 a.m. · 1 view

WordPress plugin Favicon Generator security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin. A security...

CVSS 8.1 · AI score 6.8 · EPSS 0.00197
Exploits 1 · References 2
Packet Storm
added 2024/09/12 12:00 a.m. · 390 views

SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution

Metasploit module 'SPIP BigUp Plugin Unauthenticated RCE' (requires Metasploit: https://metasploit.com/download; current source: https://github.com/rapid7/metasploit-framework). Description: This module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP...

CVSS 9.8 · AI score 7 · EPSS 0.93372
Exploits 7
Positive Technologies
added 2024/08/30 12:00 a.m. · 3 views

PT-2024-38890

Name of the Vulnerable Software and Affected Versions: Clean Login plugin for WordPress versions up to, and including, 1.14.5 Description: The Clean Login plugin for WordPress is vulnerable to Local File Inclusion via the template attribute of the clean-login-register shortcode. This allows...

CVSS 8.8 · AI score 6.5 · EPSS 0.44152
Exploits 0 · References 15
Cvelist
added 2024/08/29 3:30 a.m. · 16 views

CVE-2022-2440 Theme Editor <= 2.8 - Authenticated (Admin+) PHAR Deserialization

The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'imagesarray' parameter in versions up to, and including 2.8. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserializ...

CVSS 7.2 · EPSS 0.00641
Exploits 0 · References 3
NVD
added 2024/07/30 9:15 a.m. · 8 views

CVE-2024-41924

Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4 series. If this vulnerability is exploited, an attacker who obtained the administrative privilege may install an arbitrary PHP package. If the obsolete versions of PHP packages are installed, the product m...

CVSS 7.2 · EPSS 0.00145
Exploits 0 · References 2
Japan Vulnerability Notes
added 2024/07/30 4:56 a.m. · 2 views

EC-CUBE 4 Series improper input validation when installing plugins

Overview: EC-CUBE 4 series, provided by EC-CUBE CO.,LTD., improperly validates inputs when installing plugins (CWE-349). EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LTD. coordinated under the Information Security Early...

CVSS 7.2 · AI score 7.2 · EPSS 0.00145
Exploits 0 · References 4
Positive Technologies
added 2024/06/20 12:00 a.m. · 4 views

PT-2024-36462 · WordPress · Wp Blog Post Layouts

Name of the Vulnerable Software and Affected Versions: WP Blog Post Layouts plugin for WordPress versions up to, and including, 1.1.3 Description: The WP Blog Post Layouts plugin for WordPress is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with...

CVSS 8.8 · AI score 8.1 · EPSS 0.00345
Exploits 0 · References 14
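Several entries above share one payload shape: a parameter that the plugin treats as a file path (a template name, a theme root, an image list) is handed to include() or to a file check, and the attacker supplies either `../` traversal or a PHP stream wrapper. The PHAR-deserialization entries (WP Editor, Theme Editor) are the same bug seen from the other side: a `phar://` path reaching even file_exists() or is_file() makes PHP 7 open the archive and unserialize() its metadata, so a path parameter becomes object injection. As an added example that is not code from any of those plugins, here is a Python scanner for request parameters that normalises nested percent-encoding and flags wrappers, traversal and null bytes; the parameter names and values are constructed.

```python
"""Flag request parameters that smuggle PHP stream wrappers or path traversal.

Added example for the PHAR-deserialization (WP Editor, Theme Editor) and Local
File Inclusion (WPC Smart Messages, Sogrid, Clean Login, WP Blog Post Layouts)
entries in this listing; not code from any of those plugins. Parameter names
and values below are constructed.
"""
from __future__ import annotations

import re
from urllib.parse import unquote

# A path that starts with one of these goes to a PHP stream wrapper, not to the
# filesystem. phar:// matters even for "harmless" checks such as file_exists():
# on PHP 7 opening a phar unserialize()s its metadata (PHP 8.0 stopped doing
# this for stream operations). php://filter reads source; php://input, data:
# and expect:// execute attacker input.
WRAPPERS = ("phar://", "php://", "data:", "expect://", "zip://",
            "compress.zlib://", "compress.bzip2://", "glob://", "file://")
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def normalise(raw: str, rounds: int = 3) -> str:
    """Percent-decode until the value stops changing (bounded), so a double-encoded
    %252e%252e/ is seen as ../ just as the PHP side eventually would."""
    current = raw
    for _ in range(rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def findings_for(value: str) -> list[str]:
    """Return the reasons a single parameter value looks like an inclusion payload."""
    v = normalise(value)
    low = v.lower().lstrip()
    hits = [f"wrapper:{w}" for w in WRAPPERS if low.startswith(w)]
    if TRAVERSAL.search(v):
        hits.append("traversal")
    if "\x00" in v:
        hits.append("null-byte")   # suffix truncation before PHP 5.3.4, still a tell
    return hits


def scan_params(params: dict[str, str]) -> dict[str, list[str]]:
    """Map each offending parameter name to its findings; an empty dict means clean."""
    return {name: hits for name, value in params.items() if (hits := findings_for(value))}


# Constructed requests, keyed by what they are meant to look like.
SAMPLE_REQUESTS = {
    "legit":  {"template": "default", "current_theme_root": "/var/www/wp-content/themes"},
    "phar":   {"current_theme_root": "phar://./wp-content/uploads/2024/09/avatar.jpg/x"},
    "lfi":    {"template": "..%2F..%2F..%2Fwp-config.php"},
    "double": {"template": "%252e%252e/%252e%252e/etc/passwd"},
    "filter": {"layout": "php://filter/convert.base64-encode/resource=wp-config.php"},
}

if __name__ == "__main__":
    for label, params in SAMPLE_REQUESTS.items():
        print(f"{label:7} -> {scan_params(params) or 'clean'}")
```

The scanner is the WAF or log-review view of these bugs. In the plugin itself the fix is an allowlist of template names mapped to fixed paths, or at least realpath() on the joined path followed by a prefix check against the intended directory; both reject every payload above without needing the pattern list.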
Veracode
added 2024/06/19 12:00 p.m. · 41 views

OS Command Injection

php81 is vulnerable to OS Command Injection. The vulnerability is due to misinterpretation of characters in the command line by the PHP CGI module when using certain code pages on Windows. This may allow a malicious user to pass options to the PHP binary, potentially revealing source code, runnin...

CVSS 9.8 · AI score 9.6 · EPSS 0.94374
Exploits 64 · References 23 · Affected software 3
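The php81 entry above describes the mechanism without naming the bytes: on Windows with certain code pages the process receives a best-fit-converted command line, so a percent-encoded soft hyphen (U+00AD) reaches php-cgi as '-' while the CVE-2012-1823 check, which inspects the decoded QUERY_STRING for a leading '-', never sees one. The query string is then parsed as php-cgi options. As an added example (not PHP's or Veracode's code), here is a detector that applies the RFC 3875 argv rule to access-log query strings and flags tokens that would become options such as -d or -n; the log lines are constructed, and the option-letter set is an assumption drawn from php-cgi's documented flags.

```python
"""Spot php-cgi argument-injection probes in web-server access logs.

Added example for the php81 OS Command Injection entry; not code from PHP or
Veracode. A CGI server that sees no unencoded '=' in the query string splits it
on '+' and passes the pieces as argv (RFC 3875 section 4.4). php-cgi refuses a
decoded QUERY_STRING that starts with '-' (the CVE-2012-1823 fix), but on the
affected Windows code pages the argv it actually receives has had a soft hyphen
(0xAD) best-fit-mapped to '-', so %ADd slips past the check and becomes -d.
The log lines below are constructed.
"""
from __future__ import annotations

import re
from urllib.parse import unquote_to_bytes

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

DASH_BYTES = {0x2D, 0xAD}        # '-' and the soft hyphen that is mapped to '-'
PHP_CGI_OPTIONS = set("dnscfb")  # -d ini=value, -n no php.ini, -s source, -c dir, -f file, -b bind
INI_OF_INTEREST = (b"auto_prepend_file", b"allow_url_include", b"disable_functions")


def argv_from_query(query: str) -> list[bytes]:
    """Mirror the CGI indexed-query rule: argv only when the raw query has no '='."""
    if "=" in query:
        return []
    return [unquote_to_bytes(tok) for tok in query.split("+") if tok]


def suspicious_args(argv: list[bytes]) -> list[str]:
    """Explain why a decoded argv would drive php-cgi itself rather than the script."""
    reasons: list[str] = []
    for tok in argv:
        if len(tok) >= 2 and tok[0] in DASH_BYTES and chr(tok[1]) in PHP_CGI_OPTIONS:
            kind = "soft-hyphen" if tok[0] == 0xAD else "dash"
            reasons.append(f"{kind} option -{chr(tok[1])}")
        if any(directive in tok for directive in INI_OF_INTEREST):
            reasons.append("ini override " + tok.decode("latin-1"))
    return reasons


def scan_log(lines: list[str]) -> list[tuple[str, str, list[str]]]:
    """Return (client ip, path, reasons) for every request that looks like a probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        reasons = suspicious_args(argv_from_query(query)) if query else []
        if reasons:
            hits.append((m.group("ip"), path, reasons))
    return hits


# Constructed Apache combined-log lines; 198.51.100.0/24 is documentation space.
SAMPLE_LOG = [
    '198.51.100.7 - - [19/Jun/2024:12:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512',
    '198.51.100.9 - - [19/Jun/2024:12:00:02 +0000] "POST /php-cgi/php-cgi.exe'
    '?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 71',
    '198.51.100.9 - - [19/Jun/2024:12:00:03 +0000] "GET /index.php?-s HTTP/1.1" 403 199',
    '198.51.100.11 - - [19/Jun/2024:12:00:04 +0000] "GET /search.php?q=a+b+c HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, path, reasons in scan_log(SAMPLE_LOG):
        print(f"{ip} {path}: {'; '.join(reasons)}")
```

The literal-dash case is kept because it is what the 2012 fix already blocks: a `?-s` request is a probe for the older bug and usually precedes the soft-hyphen variant from the same client. Note that the `=` test is on the raw, still-encoded query string, exactly as the CGI server applies it, which is why `%3d` inside the payload does not disqualify it.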